US authorities bust Gameover Zeus botnet

Security

by | 03 June 2014

FBI tracks the culprits behind a virus which siphons money

A multi-nation operation led by the US has disrupted Gameover Zeus, a two-year-old botnet which infected between 500,000 and 1 million computers across the globe.

The malicious software has been used for stealing banking credentials and extorting computer owners, the US Justice Department said in a release. It is said to be derived from the original "Zeus" trojan virus that was used for stealing financial passwords in 2006.

Computer experts say that the Gameover Zeus works on a peer-to-peer distribution method, where thousands of computers could reinfect and update each other.

Close to a dozen countries were involved in the bust operation to work with private security companies for taking control of the network of infected machines. The losses from the botnet account for more than $100m, according to FBI.

US deputy attorney general James Cole said in a statement: "This operation disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data."

The botnet also installed other malicious programmes, such as Cryptolocker, which encrypted files and demanded ransom payments. Cryptolocker is said to have infected more than 234,000 machines, with $27m in ransom payments in its first two months, the Justice Department said.

$750 ransom came from a police department in Massachusetts whose investigative files were compromised, sources report, with other high profile victims including PNC Bank and Capital One Bank, according to court documents.

Authorities in several countries seized servers around the world, freeing 300,000 victim computers from the botnet.

Meanwhile, a Russian citizen Evgeniy Mikhaylovich Bogachev has been charged with hacking, fraud and money laundering in connection with his alleged role as a mastermind of Gameover Zeus.

In an affidavit filed with the court, FBI cited online chats in which aliases associated with Bogachev claimed authorship of the original Zeus trojan. Authorities say there could be other people involved in the conspiracy.

But Bogachev might never be arrested as Russia does not extradite accused criminals to other countries.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

756 people like this.
0 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.