View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

US authorities bust Gameover Zeus botnet

FBI tracks the culprits behind a virus which siphons money

By Vinod

A multi-nation operation led by the US has disrupted Gameover Zeus, a two-year-old botnet which infected between 500,000 and 1 million computers across the globe.

The malicious software has been used for stealing banking credentials and extorting computer owners, the US Justice Department said in a release. It is said to be derived from the original "Zeus" trojan virus that was used for stealing financial passwords in 2006.

Computer experts say that the Gameover Zeus works on a peer-to-peer distribution method, where thousands of computers could reinfect and update each other.

Close to a dozen countries were involved in the bust operation to work with private security companies for taking control of the network of infected machines. The losses from the botnet account for more than $100m, according to FBI.

US deputy attorney general James Cole said in a statement: "This operation disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data."

The botnet also installed other malicious programmes, such as Cryptolocker, which encrypted files and demanded ransom payments. Cryptolocker is said to have infected more than 234,000 machines, with $27m in ransom payments in its first two months, the Justice Department said.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

$750 ransom came from a police department in Massachusetts whose investigative files were compromised, sources report, with other high profile victims including PNC Bank and Capital One Bank, according to court documents.

Authorities in several countries seized servers around the world, freeing 300,000 victim computers from the botnet.

Meanwhile, a Russian citizen Evgeniy Mikhaylovich Bogachev has been charged with hacking, fraud and money laundering in connection with his alleged role as a mastermind of Gameover Zeus.

In an affidavit filed with the court, FBI cited online chats in which aliases associated with Bogachev claimed authorship of the original Zeus trojan. Authorities say there could be other people involved in the conspiracy.

But Bogachev might never be arrested as Russia does not extradite accused criminals to other countries.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.