Federal officials have announced new charges against GameOver Zeus botnet, a network of hacked Microsoft Windows computers that have infected thousands, if not millions, of PCs across the globe.
GameOver Zeus has infected up to a million Windows computers, taking users’ personal information. GameOver then used the information to give to hackers across the globe, allowing them to imbue computers with spam and steal money and credentials from users.
The mastermind behind the network was finally traced to Russia’s Evgeniy Mikhailovich Bogachev. Law enforcement from eleven countries helped federal officials finally track down the hacker.
“Gameover Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt,” Robert Anderson Jr., a member of the FBI, said in a statement. “The efforts announced today are a direct result of the effective relationships we have with our partners in the private sector, international law enforcement, and within the US government.”
The official federal complaint cites four specific attacks caused by GameOver Zeus. The most costly individual attack named was an attack on a regional bank in northern Florida. Around $7 million was stolen from the bank, and federal officials think that GameOver Zeus has stolen a combined $100 million from various users and organizations.
The network gained money in two specific ways. The first was by stealing a user’s information by creating fake webpages that would ask for personal information. The pages would mimic pages that a user would trust, such as a banking site. Once the user would give the site personal information, the botnet would then strike an unauthorized wire transfer to steal the user’s money.
The botnet would also take computers ransom using Cryptolocker. It would take control of a computer’s hard drive, not allowing a user to have access to it until a ransom, which would go into the thousands of dollars, was paid.
GameOver Zeus has reportedly been in operation since 2011, but only recently have federal agents been able to track it down. The botnet used a strong encryption and a complex P2P mechanism to cover its tracks.
These schemes were highly sophisticated and immensely lucrative,” said US assistant attorney general Leslie Caldwell in a press statement. “The cyber criminals did not make them easy to reach or disrupt.”