Game Over for GameOver Zeus and Cryptolocker malware that stole millions

Image Credits: Symantec

The U.S. Department of Justice announced that the FBI and international law enforcement agencies have disrupted two of the world's most notorious botnets: GameOver Zeus and the Cryptolocker ransomware.

GameOver Zeus is one of the most notorious botnets. It first emerged in September 2011 and is responsible for millions of infections worldwide. It is based on the original Zeus malware and attempts to steal financial information from the victim.

According to the United States Department of Justice report, the cybercriminals behind GameOver Zeus have stolen more than $100 million.

Evgeniy Mikhailovich Bogachev, a 30-year-old Russian, has been charged for his alleged role as an admin of the GameOver Zeus botnet.

Cryptolocker is a particularly nasty piece of malware that encrypts all files on the infected machine, then demands a ransom to unlock them. If the files are important and no backup exists, victims have no choice other than paying the ransom to get a key to unlock them.

The DOJ report suggests that more than 200k computers had been infected by this ransomware as of April. The malware appeared in September 2013, and within two months cybercriminals collected more than $27 million.

Symantec has also released a tool to remove GameOver malware completely from your computer.  You can download it from here.

New Variant of Zeus Malware "Game Over" delivered via Phishing Emails

A spam email purporting to be from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC) claims there is a problem with your recent transaction. If recipients need help, the email asks them to visit a link. The link leads to a phishing page. Once the recipient visits the link, the page downloads the "Game Over" malware without the victim's knowledge and infects the victim's system.

The malware is a newer variant of the ZeuS malware that steals your confidential banking data. Not only does the malware steal the data, it also turns your computer into a botnet slave. A botnet slave can be used to attack a website with a Distributed Denial of Service (DDoS) attack.

According to the FBI report, the attackers used the stolen bank information to purchase precious stones and expensive watches from high-end jewelry stores.

"The criminals contact these jewelry stores, tell them what they’d like to buy, and promise they will wire the money the next day. So the next day, a person involved in the money laundering aspect of the crime—called a “money mule”—comes into the store to pick up the merchandise. After verifying that the money is in the store’s account, the jewelry is turned over to the mule, who then gives the items to the organizers of the scheme or converts them for cash and uses money transfer services to launder the funds," the report says.

The FBI sees an increasing number of unsuspecting mules hired via “work at home” advertisements who end up laundering some of the funds stolen from bank accounts. The cybercriminals send e-mail to those who search for online jobs. The hired employees are provided long and seemingly legitimate work contracts and actual websites to log into. They’re instructed to either open a bank account or use their own bank account in order to receive funds via wire and ACH transactions from numerous banks…and then use money remitting services to send the money overseas.

If you think you’ve been victimized by this type of scheme, contact your financial institution to report it, and file a complaint with the FBI’s Internet Crime Complaint Center.