GameOver ZeuS is a peer-to-peer botnet based on components from the earlier ZeuS trojan. The malware was created by Russian hacker Evgeniy Mikhailovich Bogachev. It is believed to have been spread through use of the Cutwail botnet. Unlike its predecessor the ZeuS trojan, Gameover ZeuS uses an encrypted peer-to-peer communication system to communicate between its nodes and its command and control servers, greatly reducing its vulnerability to law enforcement operations. The algorithm used appears to be modeled on the Kademlia P2P protocol. Scammers control and monitor Gameover ZeuS via command and control (C&C) servers. The virus establishes the connection to the server as soon as its malicious executable installs on the computer, at which point it can disable certain system processes, download and launch executables, or delete essential system files, making the system unusable. According to a report by Symantec, Gameover ZeuS has largely been used for banking fraud and distribution of the CryptoLocker ransomware. The top infected countries were the US, Italy, the UAE, Japan, India and the UK.


Evgeniy Mikhailovich Bogachev

In early June 2014, the U.S. Department of Justice announced that an international inter-agency collaboration named Operation Tovar had succeeded in temporarily cutting communication between Gameover ZeuS and its command and control servers. This was an effort to shut down the criminal infrastructure of Evgeniy Mikhailovich Bogachev and liberate computers infected with GameOver ZeuS. "He has been indicted in the United States, accused of creating a sprawling network of virus-infected computers to siphon hundreds of millions of dollars from bank accounts around the world, targeting anyone with enough money worth stealing." In a widely circulated photo, he is pictured holding a domestic Bengal cat. Bitdefender has identified two Gameover ZeuS variants in the wild: one of them generates 1,000 domains per day and the other generates 10,000 per day.


FBI Reward

On 24 February 2015, the FBI announced a reward of up to $3 million in exchange for information regarding alleged Russian cybercriminal Evgeniy Mikhailovich Bogachev (also known online as "Slavik", "lucky12345", "Pollingsoon", "Monstr", "IOO" and "Nu11") over his suspected association with Gameover ZeuS. The FBI reward of $3 million was the highest ever for a cybercriminal until Thursday, 5 December 2019, when the FBI issued a $5 million reward for the leader of the 'Evil Corp' hacker group, Maksim Viktorovich Yakubets, for the development and deployment of the Dridex banking trojan virus.


See also

* Conficker
* Command and control (malware)
* Operation Tovar
* Russian interference in the 2016 United States elections
* Timeline of computer viruses and worms
* Tiny Banker Trojan
* Torpig
* Zeus (malware)
* Zombie (computer science)

