U.S., foreign agents disrupt Gameover Zeus botnet
Two U.S. courts unseal charges related to the giant botnet and the Cryptolocker ransomware
IDG News Service - The U.S. Department of Justice, working with law enforcement agencies in other countries, revealed Monday a multinational effort to disrupt Gameover Zeus, a 2-year-old botnet employing an estimated 500,000 to 1 million compromised computers.
Two U.S. courts, meanwhile, have unsealed criminal charges against the alleged administrator of the giant Gameover Zeus botnet. The FBI estimates that Gameover Zeus, which targets banking credentials and other personal information, is responsible for more than $100 million in losses.
In a separate but related action, U.S. and foreign law enforcement officials worked together to seize computer servers central to the malware known as Cryptolocker, a form of ransomware that encrypts files on victims' computers until they pay a ransom, the DOJ said.
"This operation disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data," Deputy Attorney General James Cole said in a statement.
In the Gameover Zeus case, a grand jury in Pittsburgh has unsealed a 14-count indictment against Evgeniy Mikhailovich Bogachev, 30, of Anapa, Russia, the DOJ announced Monday. The grand jury charged him with conspiracy, computer hacking, wire fraud, bank fraud and money laundering in connection with his alleged role as an administrator of Gameover Zeus.
Bogachev was also charged by criminal complaint in Omaha, Nebraska, with conspiracy to commit bank fraud related to his alleged involvement in the operation of a prior variant of Zeus malware known as Jabber Zeus.
"Gameover Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt," FBI Executive Assistant Director Robert Anderson Jr. said in a statement. "The efforts announced today are a direct result of the effective relationships we have with our partners in the private sector, international law enforcement, and within the U.S. government."
In a separate civil injunction application filed in Pittsburgh, Bogachev is identified as the alleged leader of a tightly knit gang of cybercriminals based in Russia and Ukraine responsible for the development and operation of both the Gameover Zeus and Cryptolocker schemes.
A law enforcement investigation identified the Gameover Zeus network as a common distribution mechanism for Cryptolocker, the DOJ said.
Unsolicited emails containing an infected file purporting to be a voicemail or shipping confirmation are also widely used to distribute Cryptolocker. When opened, those attachments infect victims' computers. Bogachev is alleged in the civil filing to be an administrator of both Gameover Zeus and Cryptolocker.
Law enforcement agencies from several countries also participated in efforts to disrupt Gameover Zeus and Cryptolocker.