Gameover ZeuS

Gameover ZeuS is a peer-to-peer botnet based on components from the earlier ZeuS trojan. It is believed to have been spread through use of the Cutwail botnet.^[1]

Unlike its predecessor the ZeuS trojan, Gameover ZeuS uses an encrypted peer-to-peer communication system to communicate between its nodes and its command and control servers, greatly reducing its vulnerability to law enforcement operations.^[1] The algorithm used appears to be modeled on the Kademlia P2P protocol.^[2]

According to a report by Symantec, Gameover Zeus has largely been used for banking fraud and distribution of the CryptoLocker ransomware.^[3]

In early June 2014, the U.S. Department of Justice announced that an international inter-agency collaboration named Operation Tovar had succeeded in temporarily cutting communication between Gameover ZeuS and its command and control servers.^[4]^[5]

On 24 February 2015, the FBI announced a reward of up to $3 million in exchange for information regarding alleged Russian cyber criminal Evgeniy Bogachev over his suspected association with Gameover ZeuS.^[6]^[7]

Bitdefender has identified two Gameover ZeuS variants in the wild: one of them generates 1,000 domains per day and the other generates 10,000 per day.^[8]

References[edit]

^ ^a ^b Brian Krebs (2 June 2014). "'Operation Tovar' Targets 'Gameover' ZeuS Botnet, CryptoLocker Scourge". Krebs on Security.
^ By Counter Threat Unit™ (CTU) Research Team. "Gameover Zeus re-emerges without peer-to-peer capability". Secureworks.com. SecureWorks. Retrieved 9 March 2016.
^ "International Takedown Wounds Gameover Zeus Cybercrime Network". Symantec. 2 June 2014.
^ John E. Dunn (2 June 2014). "Operation Tovar disconnects Gameover Zeus and CryptoLocker malware - but only for two weeks". TechWorld.
^ "U.S. Leads Multi-National Action Against "Gameover Zeus" Botnet and "Cryptolocker" Ransomware, Charges Botnet Administrator". U.S. Department of Justice. 2 June 2014.
^ Perez, Evan. "U.S. puts $3 million reward for Russian cyber criminal". CNN. CNN. Retrieved 24 February 2015.
^ "US offers $3m reward for arrest of Russian hacker Evgeniy Bogachev". BBC.
^ Cosovan, Doina (6 August 2014). "Gameover Zeus Variants Targeting Ukraine, US". BitDefender LABS.

This computer security article is a stub. You can help Wikipedia by expanding it.

This law enforcement–related article is a stub. You can help Wikipedia by expanding it.

[krebs2014-1] Brian Krebs (2 June 2014). "'Operation Tovar' Targets 'Gameover' ZeuS Botnet, CryptoLocker Scourge". Krebs on Security.

[2] By Counter Threat Unit™ (CTU) Research Team. "Gameover Zeus re-emerges without peer-to-peer capability". Secureworks.com. SecureWorks. Retrieved 9 March 2016.

[3] "International Takedown Wounds Gameover Zeus Cybercrime Network". Symantec. 2 June 2014.

[4] John E. Dunn (2 June 2014). "Operation Tovar disconnects Gameover Zeus and CryptoLocker malware - but only for two weeks". TechWorld.

[5] "U.S. Leads Multi-National Action Against "Gameover Zeus" Botnet and "Cryptolocker" Ransomware, Charges Botnet Administrator". U.S. Department of Justice. 2 June 2014.

[6] Perez, Evan. "U.S. puts $3 million reward for Russian cyber criminal". CNN. CNN. Retrieved 24 February 2015.

[7] "US offers $3m reward for arrest of Russian hacker Evgeniy Bogachev". BBC.

[8] Cosovan, Doina (6 August 2014). "Gameover Zeus Variants Targeting Ukraine, US". BitDefender LABS.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

Gameover ZeuS

See also[edit]

References[edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Interaction

Tools

Print/export

Languages