FBI, DOJ bottle GameOver Zeus botnet, Cryptolocker ransomware

The Department of Justice and the FBI have disrupted the GameOver Zeus botnet, believed to be responsible for the theft of at least $100 million from businesses and consumers worldwide.

A botnet is a network of unwilling host computers, usually infected through phishing messages or spam email, that cyber criminals take over and use not only to affect the user of each computer, but also to enlist that computer as a carrier of the malware to other computers.

In the case of GameOver Zeus, its primary purpose is to capture banking credentials from compromised computers, then initiate or re-direct wire transfers to accounts overseas that are controlled by the criminals. Users of infected machines are usually unaware that their computer is part of a botnet.

"This operation disrupted a global botnet that had stolen millions from businesses and consumers," said DOJ Deputy Attorney General James M. Cole. "We succeeded in disabling GameOver Zeus and Cryptolocker only because we blended innovative legal and technical tactics with traditional law enforcement tools and developed strong working relationships with private industry experts and law enforcement counterparts in more than 10 countries."

As part of the crackdown, criminal charges were unsealed against alleged botnet administrator Evgeniy Mikhailovich Bogachev of Anapa, Russian Federation. Mr. Bogachev has been added to the FBI's Cyber's Most Wanted List. He is also alleged to be involved with a ransomware scheme, Cryptolocker, which locks victims' computer files and demands a fee in return for unlocking them. Cryptolocker and GameOver Zeus are often found on the same computer. Also announced today was the seizure of Cryptolocker command and control servers.

Unlike earlier Zeus variants, GameOver has a decentralized peer-to-peer command and control infrastructure, which means that instructions to the infected computers can come from any of the infected computers. This makes disrupting or stopping the botnet more difficult. Toward that end, steps were announced that will sever communications between infected computers, re-directing those computers away from criminal servers to servers under the government's control.

"GameOver Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt," said FBI Executive Assistant Director Robert Anderson. "The efforts announced today are a direct result of the effective relationships we have with our partners in the private sector, international law enforcement and within the U.S. government."

Both malware infections afflict only Microsoft Windows-based operating systems. Victims of GameOver Zeus are encouraged to visit a website created by the Department of Homeland Security's Computer Emergency Readiness Team for assistance in removing the malware.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.