'Gameover Zeus' malware shuttered, Russian mastermind sought

updated 01:55 pm EDT, Tue June 3, 2014

US, UK believe that shutdown may only be temporary

The US Department of Justice and the FBI, alongside law enforcement officials in Australia, Canada, France, Germany, Italy, Japan, Luxembourg, New Zealand, and the Ukraine, have announced that the "Gameover Zeus" botnet, responsible for the wide distribution of the Cryptolocker ransomware package, has been at least partially disabled. US officials have seized the botnet controllers in the Ukraine and other nations, giving control to law enforcement and releasing 300,000 from the clutches of the package, possibly only temporarily.

Gameover Zeus is a newer version of the original Windows-based Zeus trojan horse. The malware package is often used to steal banking information by keystroke logging and interception of completed user forms. Zeus and its derivatives are spread mainly through phishing schemes.

The original was identified in July 2007, when it was used to steal information from the United States Department of Transportation. In June 2009, security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, ABC, Oracle, Cisco, Amazon, and BusinessWeek.

"This operation disrupted a global botnet that had stolen millions from businesses and consumers as well as a complex ransomware scheme that secretly encrypted hard drives and then demanded payments for giving users access to their own files and data," said Deputy Attorney General James M. Cole. "We succeeded in disabling Gameover Zeus and Cryptolocker only because we blended innovative legal and technical tactics with traditional law enforcement tools, and developed strong working relationships with private industry experts and law enforcement counterparts in more than 10 countries around the world."

"Gameover Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt," said FBI Executive Assistant Director Robert Anderson Jr. "The efforts announced today are a direct result of the effective relationships we have with our partners in the private sector, international law enforcement, and within the US government."

Zeus and Cryptolocker are alleged to have brought in over $100 million in pilfered funds and ransoms paid. Attorney General Cole claims that the mastermind of the botnet, Russian Evgeniy Mikhaylovich Bogachev, is being sought. Cole says that the US DoJ is in contact with Russia about the prime suspect and "we've been having discussions with them about moving forward and about trying to get custody of Mr. Bogachev."

The United Kingdom National Crime Agency believes that users may have as little as two weeks to purge devices of the infection. The US has made no such estimate but does note that "the resiliency of GOZ's P2P infrastructure makes takedown efforts more difficult." The US Computer Emergency Readiness Team has set up a resource to help users clean computers of the malware.

by MacNN Staff


