The FBI has filed charges against a Russian citizen, Evgeniy Mikhailovich Bogachev, who is alleged to be one of the ringleaders behind the notorious Gameover Zeus malware.
The FBI said that Bogachev is wanted on charges ranging from computer hacking and wire fraud to bank fraud and money laundering over his alleged role as an administrator of the Gameover Zeus botnet. He is already on the FBI most wanted list.
The arrest warrant comes as computer users across the world are urged to purge and protect their systems after a coordinated take-down of the Gameover botnet, a disruption that will probably last only two weeks before the botnet comes back online.
The Finnish security firm F-Secure estimates there are probably tens of thousands of GameOver botnets in existence. V3 has been reporting on GameOver since at least 2010.
Experts believe between 500,000 and one million computers are infected, and the FBI estimates $100m has been lost by individuals and businesses around the world as a result of the malware.
Gameover Zeus installs itself on a victim's machine, often after the target unwittingly installs it via a phishing attack. Once inside, the tool monitors the keystrokes users make when accessing internet services such as online banking, enabling the criminals behind the malware to access accounts.
The UK's Get Safe Online group has also warned about the threat, saying that people only have a short time to protect their systems.
"The National Crime Agency (NCA) and Get Safe Online are today urging the public and small businesses to protect themselves against a powerful type of malicious software that has hit the UK and could cost computer users millions of pounds," it said.
Andy Archibald, deputy director of the NCA's National Cyber Crime Unit, added: "Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals. By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them."
The US Cert has issued its warning to users of a range of Windows operating systems, including Microsoft Windows 95 through to Windows 8, and Windows Server 2003 to 2012.
Cert said that it was compelled to release a warning now, explaining that Gameover Zeus, or GOZ, is a peer-to-peer banking login thief. The alert has the backing of the United States Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and the Department of Justice (DoJ).
"GOZ, which is often propagated through spam and phishing messages, is primarily used by cybercriminals to harvest banking information, such as login credentials, from a victim's computer. Infected systems can also be used to engage in other malicious activities, such as sending spam or participating in distributed denial-of-service (DDoS) attacks," it explains.
"A system infected with GOZ may be employed to send spam, participate in DDoS attacks, and harvest users' credentials for online services, including banking services."
Cert recommends a number of actions to prevent Gameover infections, including ensuring antivirus software and anti-malware tools are kept up to date, using secure passwords and regularly patching systems.