http://krebsonsecurity.com/2014/06/operation-tovar-targets-gameover-zeus-botnet-cryptolocker-scourge/
By Brian Krebs
Krebs on Security
June 2, 2014
The U.S. Justice Department is expected to announce today an international
law enforcement operation to seize control over the Gameover ZeuS botnet,
a sprawling network of hacked Microsoft Windows computers that currently
infects an estimated 500,000 to 1 million compromised systems globally.
Experts say PCs infected with Gameover are being harvested for sensitive
financial and personal data, and rented out to an elite cadre of hackers
for use in online extortion attacks, spam and other illicit moneymaking
schemes.
The sneak attack on Gameover, dubbed “Operation Tovar,” began late last
week and is a collaborative effort by investigators at the FBI, Europol,
and the UK’s National Crime Agency; security firms CrowdStrike, Dell
SecureWorks, Symantec, Trend Micro and McAfee; and academic researchers at
VU University Amsterdam and Saarland University in Germany. News of the
action first came to light in a blog post published briefly on Friday by
McAfee, but that post was removed a few hours after it went online.
Gameover is based on code from the ZeuS Trojan, an infamous family of
malware that has been used in countless online banking heists. Unlike ZeuS
— which was sold as a botnet creation kit to anyone who had a few thousand
dollars in virtual currency to spend — Gameover ZeuS has since October
2011 been controlled and maintained by a core group of hackers from Russia
and Ukraine.
Those individuals are believed to have used the botnet in high-dollar
corporate account takeovers that frequently were punctuated by massive
distributed-denial-of-service (DDoS) attacks intended to distract victims
from immediately noticing the thefts. According to the Justice Department,
Gameover has been implicated in the theft of more than $100 million in
account takeovers.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
