Gameover Zeus returns bigger, badder and bolder

Security

by Jimmy Nicholls| 01 August 2014

Seculert claims malicious domain generation has increased sevenfold.

The Gameover Zeus botnet has returned in an even more virulent strain, according to security firm Seculert.

The Trojan is now said to be generating 1,000 malicious domains per day, a sevenfold increase since before international police took down the botnet for two weeks at the start of June.

Aviv Raff, chief technology officer at Seculert, said: "In the last few days we have seen a surge in the number of bots communicating with our sinkhole, reaching as high as almost 10,000 infected devices."

In addition to a new domain generation algorithm, the updated botnet has dropped its peer to peer (P2P) function, according to the firm.

"We anticipate the communications traffic to level out over time to reflect pre-takedown amounts," Raff added.

Following a similar set of tests conducted after the Shylock takedown, Seculert is beginning to question whether takedowns are effective.

"It is worth considering whether takedowns are a win for the team of cyber good guys or just a timeout allowing the criminals to regroup and come back stronger," Raff said.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

756 people like this.
0 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.