The FBI and the Department of Justice, in collaboration with international law agencies, managed to significantly disrupt the effects of the “GameOver Zeus Botnet” and the “Cryptolocker” ransomware earlier this week.

The GameOver Zeus Botnet, which is allegedly responsible for the theft of hundreds of millions of dollars from businesses and consumers around the world, is believed to have infected more than 1 million computers globally.

GameOver Zeus Botnet which infected more than 1 Million computers Globally, disrupted by the FBI

The GameOver Zeus Botnet malware is a sophisticated variant of the Zeus malware, designed to steal the victim’s banking credentials in order to initiate or re-direct wire transfers to overseas accounts controlled by the criminal networks. The infected computer also becomes part of a global network of compromised computers, known as a botnet, which the cyber criminals can control for further nefarious purposes such as DDoS attacks against well-known sites. The malware spreads mostly through spam e-mail or phishing messages.


Unlike earlier Zeus variants, GameOver has a decentralized, peer-to-peer command and control infrastructure rather than centralized points of origin. Instructions to the infected computers can therefore come from any of the infected computers, which makes a takedown of the botnet more difficult: even if the main server is shut down, the ancillary botnets can be used to assume control and send the commands.

Officials said that, in addition to filing a criminal case, the U.S. government has also obtained orders from the Federal Court in Pittsburgh authorizing measures to sever communications between the infected computers, re-directing these computers away from criminal servers to substitute servers under the government’s control. According to the reports, the infected servers have been quarantined and redirected for now, but the same reports say that it won’t take long before they pop up again elsewhere.

The court orders also authorized the FBI to identify the IP addresses of the victim computers reaching out to the substitute servers and to provide that information to Computer Emergency Readiness Teams (CERTs) around the world, as well as to Internet service providers and other private sector parties who are then able to assist victims in removing GameOver Zeus from their computers.

In related actions, U.S. and foreign law enforcement officials also seized Cryptolocker command and control servers. Cryptolocker is a type of ransomware that encrypts or locks the victim’s files on the computer and demands a ransom to unlock them. Devices infected with Cryptolocker are often infected by the GameOver Zeus Botnet too.

The FBI has identified Russian Evgeniy Mikhailovich Bogachev as the leader of a gang of cyber criminals based in Russia and the Ukraine responsible for the development and operation of both the GameOver Zeus and Cryptolocker schemes. Evgeniy Bogachev, aka “lucky12345” and “slavik”, tops the FBI’s Cyber’s Most Wanted.

Source: fbi.gov

Are You Infected too?
According to the FBI, these are the major signs that your computer is infected by the GameOver Zeus Botnet:
– Your computer system operates very slowly.  
– Your cursor moves erratically with no input from you.  
– You notice unauthorized logins to your bank accounts or unauthorized money transfers.  
– Text-based chat windows appear on your computer’s desktop unexpectedly.  
– Your computer files lock up and a ransom demand is made to unlock files.

How Do I Protect Myself?
– Make sure you have updated antivirus software on your computer.  
– Enable automated patches for your operating system and web browser.  
– Have strong passwords, and don’t use the same passwords for everything.  
– Use a pop-up blocker.  
– Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).  
– Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization’s website directly.

Victims have less than 2 weeks to protect themselves before the cyber criminals restart the network.

Last month the FBI also raided and arrested BlackShades RAT users globally, raising the chances of more arrests and crackdowns in the next few weeks.
