Authorities take down Gameover Zeus and Cryptolocker

Gameover Zeus, which authorities believe is based on the Zeus trojan, has affected an estimated 500,000 to 1 million computers across the globe since October 2011. It operates on a peer-to-peer network of Windows PCs and steals banking credentials from unsuspecting victims.

“Experts say PCs infected with Gameover are being harvested for sensitive financial and personal data, and rented out to an elite cadre of hackers for use in online extortion attacks, spam and other illicit moneymaking schemes,” wrote Brian Krebs on his blog, Krebs on Security.

Together with the Cryptolocker ransomware, Gameover Zeus has helped cyber criminals steal more than $100 million from individuals and businesses. Whereas Gameover Zeus runs silently in the background on infected machines, Cryptolocker, once activated, encrypts documents on the host computer, and they can only be decrypted once the victim pays the hackers a hefty ransom.

According to Krebs, the operation included not only the FBI, Europol and the United Kingdom’s National Crime Agency, but also private-sector companies such as Dell SecureWorks, Symantec and McAfee.

“Beginning in the early morning hours on Friday and continuing through the weekend, the FBI and foreign law enforcement…began the coordinated seizure of computer servers around the world that had been the backbone of Gameover Zeus and Cryptolocker,” said Leslie R. Caldwell, Assistant Attorney General, Department of Justice, United States of America, in a statement. “These seizures took place in Canada, France, Germany, Luxembourg, the Netherlands, Ukraine and the United Kingdom.”

Over the weekend, the FBI managed to release 300,000 computers from the botnet, and “by Saturday, Cryptolocker was no longer functioning and its infrastructure had been effectively dismantled,” according to Caldwell.

Russian national Evgeniy Mikhailovich Bogachev has been charged by U.S. authorities with developing the software and participating in both schemes. Bogachev remains at large.
