FBI tracks the culprits behind a virus which siphons money
A multi-nation operation led by the US has disrupted Gameover Zeus, a two-year-old botnet which infected between 500,000 and 1 million computers across the globe.
The malicious software has been used for stealing banking credentials and extorting computer owners, the US Justice Department said in a release. It is said to be derived from the original "Zeus" trojan virus that was used for stealing financial passwords in 2006.
Computer experts say that Gameover Zeus uses a peer-to-peer distribution method, in which thousands of computers could reinfect and update each other.
Close to a dozen countries were involved in the operation, working with private security companies to take control of the network of infected machines. Losses from the botnet amount to more than $100m, according to the FBI.
US deputy attorney general James Cole said in a statement: "This operation disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data."
The botnet also installed other malicious programmes, such as Cryptolocker, which encrypted files and demanded ransom payments. Cryptolocker is said to have infected more than 234,000 machines, with $27m in ransom payments in its first two months, the Justice Department said.
A $750 ransom came from a police department in Massachusetts whose investigative files were compromised, sources report, with other high-profile victims including PNC Bank and Capital One Bank, according to court documents.
Authorities in several countries seized servers around the world, freeing 300,000 victim computers from the botnet.
Meanwhile, a Russian citizen, Evgeniy Mikhaylovich Bogachev, has been charged with hacking, fraud and money laundering in connection with his alleged role as a mastermind of Gameover Zeus.
In an affidavit filed with the court, the FBI cited online chats in which aliases associated with Bogachev claimed authorship of the original Zeus trojan. Authorities say there could be other people involved in the conspiracy.
But Bogachev might never be arrested as Russia does not extradite accused criminals to other countries.