US charges Russian over Gameover Zeus malware racket

03 Jun 2014
Malware

The FBI has filed charges against a Russian citizen, Evgeniy Mikhailovich Bogachev, who is alleged to be one of the ringleaders behind the notorious Gameover Zeus malware.

The FBI said that Bogachev is wanted on charges ranging from computer hacking and wire fraud to bank fraud and money laundering over his alleged role as an administrator of the Gameover Zeus botnet. He is already on the FBI most wanted list.

The arrest warrant comes as computer users across the world are urged to purge and protect their systems after a coordinated take-down of the Gameover botnet, which will probably only last two weeks before it comes back online again.

The Gameover malware is particularly virulent and in March this year it attacked the Monster jobs site.

The Finnish security firm F-Secure estimates there are probably tens of thousands of GameOver botnets in existence. V3 has been reporting on GameOver since at least 2010.

Experts believe between 500,000 and one million computers are infected, and the FBI estimates $100m has been lost by individuals and businesses around the world as a result of the malware.

Gameover Zeus installs itself on a victim's machine, often after the target has unwittingly installed it via a phishing attack. Once inside, the tool monitors the keystrokes made by users when accessing internet services such as online banking, enabling the criminals behind the malware to access accounts.

The UK's Get Safe Online group has also warned about the threat, saying that people only have a short time to protect their systems.

"The National Crime Agency (NCA) and Get Safe Online are today urging the public and small businesses to protect themselves against a powerful type of malicious software that has hit the UK and could cost computer users millions of pounds," it said.

Despite this, the Get Safe Online website has itself been offline since the alert went live, seemingly under the weight of traffic from worried web users.

Andy Archibald, deputy director of the NCA's National Cyber Crime Unit, added: "Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals. By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them."

The US Cert has issued its warning to users of a range of Windows operating systems, including Microsoft Windows 95 through to Windows 8, and Windows Server 2003 to 2012.

Cert said that it was compelled to release a warning now, explaining that Gameover Zeus, or GOZ, is a peer-to-peer banking login thief. The alert has the backing of the United States Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and the Department of Justice (DoJ).

"GOZ, which is often propagated through spam and phishing messages, is primarily used by cybercriminals to harvest banking information, such as login credentials, from a victim's computer. Infected systems can also be used to engage in other malicious activities, such as sending spam or participating in distributed denial-of-service (DDoS) attacks," it explains.

"A system infected with GOZ may be employed to send spam, participate in DDoS attacks, and harvest users' credentials for online services, including banking services."

Cert recommends a number of actions to prevent Gameover infections, including ensuring antivirus software and anti-malware tools are kept up to date, using secure passwords and regularly patching systems.

Dave Neal