View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 12, 2014

GameOver Zeus returns to North America and Europe

Signs of trojan resurgence in the US, Ukraine and Belarus.

By Jimmy Nicholls

Two variants of the GameOver Zeus (GOZeuS) trojan have been spotted in the wild by security firm Bitdefender.

While one is mostly targeting the US, the other is based primarily in Ukraine and Belarus, based on the number of infected IP addresses contacting the company’s sinkholes.

Bitdefender said: "Although there have been multiple domains registered for the botnet targeting US lately, we found none for the botnet targeting Ukraine and Belarus, meaning that no-one is using the bots at this moment.

"However, the botnet could find itself with a new master anytime."

5,000 machines infected by the first strain were found in the US, with around 3,000 infected by the second strain residing in Ukraine or Belarus.

Both versions use a domain generation algorithm (DGA) to create domains active only for a day, making it more difficult for cyber security teams to fight.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

At the beginning of June international police took down a GOZeuS botnet run by a gang based between Ukraine and Russia for two weeks, but since then reports have emerged about the return of malware, which also distributes CryptoLocker ransomware.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.