Game Over for Lucrative Zeus Botnet

The U.S. Department of Justice on Monday made public a multi-national effort to disrupt the GameOver Zeus botnet, a global network of infected victim computers cybercriminals were using to steal millions of dollars from businesses and consumers. Microsoft was in the thick of the fix.

GameOver Zeus, a variant of the Zeus (or Zbot) family of malware, is a highly prevalent password-stealing trojan, according to research by the Microsoft Security Intelligence Report. WhatEUs more, the Dell SecureWorks Counter Threat Unit reports that it was the most active banking trojan of 2013.

In a separate action, U.S. and foreign law enforcement officials worked together to seize computer servers central to the malware known as Cryptolocker, a form of ransomware that encrypts the files on victimsEU computers until they pay ransom.

EUGameOver Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt,EU said FBI Executive Assistant Director Robert Anderson. EUThe efforts announced today are a direct result of the effective relationships we have with our partners in the private sector, international law enforcement, and within the U.S. government.EU

Microsoft Helps Takedown

The impact GameOver Zeus is not limited to the financial industry, however. Nearly all major businesses and public sector organizations are impacted. Security researchers estimate that between 500,000 and 1 million computers worldwide are infected. All told, the FBI estimates that GameOver Zeus is responsible for more than $100 million in losses.

EUMicrosoftEUs role in this technical action was to conduct analysis on the P2P network and develop a cleaning solution,EU Microsoft said in a blog post. EUAlso, through an additional feed from Shadow Server, we are able to augment our visibility into the number of impacted IP addresses that feed into MicrosoftEUs Cyber-Threat Intelligence Program (C-TIP), and work closely with global Community Emergency Response Teams (CERTs) and Internet...

Comments are closed.