'Gameover Zeus' malware shuttered, Russian mastermind sought
MacNN Staff
Join Date: Jul 2012
Jun 3, 2014, 02:55 PM
The US Department of Justice and the FBI, alongside law enforcement officials in Australia, Canada, France, Germany, Italy, Japan, Luxembourg, New Zealand, and the Ukraine, have announced that the "Gameover Zeus" botnet, responsible for the wide distribution of the Cryptolocker ransomware package, has been at least partially disabled. US officials have seized the botnet controllers in the Ukraine and other nations, giving control to law enforcement and releasing 300,000 from the clutches of the package, possibly only temporarily.

Gameover Zeus is a newer version of the original Windows-based Zeus trojan horse. The malware package is often used to steal banking information by keystroke logging and interception of completed user forms. Zeus and its derivatives are spread mainly through phishing schemes.

The original was identified in July 2007, when it was used to steal information from the United States Department of Transportation. In June 2009, security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek.

"This operation disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data," said Deputy Attorney General James M. Cole. "We succeeded in disabling Gameover Zeus and Cryptolocker only because we blended innovative legal and technical tactics with traditional law enforcement tools, and developed strong working relationships with private industry experts and law enforcement counterparts in more than 10 countries around the world."

"Gameover Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt," said FBI Executive Assistant Director Robert Anderson Jr.  "The efforts announced today are a direct result of the effective relationships we have with our partners in the private sector, international law enforcement, and within the US government."

Zeus and Cryptolocker are alleged to have brought in over $100 million in pilfered funds and ransoms paid. Attorney General Cole claims that the mastermind of the botnet, Russian Evgeniy Mikhaylovich Bogachev, is being sought. Cole says that the US DoJ is in contact with Russia about the prime suspect and "we've been having discussions with them about moving forward and about trying to get custody of Mr. Bogachev."

The United Kingdom National Crime Agency believes that users may have as little as two weeks to purge devices of the infection. The US has made no such estimate but does note that "the resiliency of GOZ's P2P infrastructure makes takedown efforts more difficult." The US Computer Emergency Readiness Team has set up a resource to help users clean computers of the malware.
( Last edited by NewsPoster; Jun 16, 2014 at 07:09 AM. )
All contents of these forums © 1995-2015 MacNN. All rights reserved.