ALREADY infected by Gameover Zeus Malware?
In early June 2014, the U.S. Department of Justice announced that an international inter-agency collaboration named Operation Tovar had succeeded in temporarily cutting communication between Gameover Zeus and its command and control servers.
According to the FBI, Gameover Zeus is an extremely sophisticated type of malware designed specifically to steal banking and other credentials from the computers it infects. It is predominately spread through spam e-mail or phishing messages. It is believed to have been spread through the use of the Cutwail Botnet.
The infected computers become part of a global network of compromised computers known as a Botnet, a powerful online tool that cyber criminals can use for their own nefarious purposes. In the case of Gameover Zeus, its primary purpose is to capture banking credentials from infected computers, then use those credentials to initiate or re-direct wire transfers to accounts overseas that are controlled by the criminals. Losses attributable to Gameover Zeus are estimated to be more than $100 million.
Unlike earlier Zeus variants, Gameover has a decentralized, peer-to-peer command and control infrastructure rather than centralized points of origin, which means that instructions to the infected computers can come from any of the infected computers, making a takedown of the Botnet more difficult.
Gameover Zeus has mostly been used for online banking fraud and distribution of the CryptoLocker Ransomware.
When activated, CryptoLocker encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers. A message is then displayed on the computer screen which offers to decrypt the data if a payment (through either Bitcoin or a pre-paid voucher) is made by the stated deadline and also threatens to delete the private key if the deadline passes. In case the deadline is not met, the malware offers to decrypt data via an online service provided by the malware's operators, for a significantly higher price in Bitcoin.
Although CryptoLocker itself is readily removed, the files remain encrypted in a way that researchers have considered impossible to break.