Yesterday it became known that law enforcement agencies of the United States and the Department of Justice reported on a special operation to disable the Zeus Gameover botnet. This latest modification of the universal banking malware Zeus uses a P2P structure of peers to organize its botnet. The modification, called Gameover, appeared in the wild in mid-2011. In the new version of the malicious program, the authors switched to using a domain name generation algorithm (DGA) and P2P, which significantly complicates disabling such a botnet.

Many antivirus and security companies have already written about the activity of Zeus Gameover. The financial damage to users from the fraudsters' actions is enormous and can amount to tens and hundreds of millions of dollars. According to the FBI, attackers managed to steal more than $100 million with the help of the Gameover modification. According to KrebsOnSecurity, a portal that works closely with law enforcement agencies, the FBI, Europol, and various security companies took part in Operation Tovar: CrowdStrike, Dell, Symantec, Trend Micro and McAfee.
Losses attributable to GameOver Zeus are estimated to be more than $100 million.
In addition to the operation to disable the botnet, law enforcement agencies put on the wanted list the alleged author of the original Zeus malware, who has long been widely known under the pseudonym Slavik. He was a native of the Russian Federation. Documents related to the civil suit were posted on the official website.

As noted in the FBI release mentioned above, studies have shown that computers infected with Zeus Gameover were often found to carry another dangerous piece of malware, known as Cryptolocker. It became known as the most dangerous encrypting ransomware, because it encrypts user files and uses a distributed architecture to obtain the decryption key (the key can only be obtained from the attackers themselves). The attackers extorted money from the user in exchange for the key and the decryption of the files. Operation Tovar was also aimed at destroying the Cryptolocker infrastructure.