The Justice Department said on Monday they along with a host of security firms have disrupted the operation of a cybercrime gang that infected hundreds of thousands of private computers with computer malware used for stealing banking credentials and millions of dollars from people all over the world.
The Gameover Zeus botnet is a highly prevalent password-stealing Trojan that targeted thousands of small businesses. And according to Dell SecureWorks Counter Threat Unit, this was the most active banking trojan of 2013. In a separate action, U.S. and foreign law enforcement officials blocked another virus known as “Cryptolocker,” software that encrypts files on computers and then extracts ransom payments in return for the user’s own files.
Federal prosecutors also filed charges against the group's alleged leader, Russian citizen Evgeniy Mikhaylovich Bogachev, who they say led a gang of cyber criminals in Russia and Ukraine that spread the GameOver Zeus malware and the notorious Cryptolocker ransomware. The Russian hacker is now among the FBI’s most-wanted cyber criminals.
Since GameOver Zeus first appeared in September 2011, it is responsible for more than $100 millions of dollars in losses among U.S. victims, and more than 13 million computers worldwide were infected, according to the US Department of Justice. The Cryptolocker has been used to attack about 200,000 computers, in which half were in the U.S. In its first two months, hackers extracted an estimated $27 million from victims, Deputy Attorney General James Cole said.
Victims' computers were most commonly infected when a user clicked on a link in an unsolicited email or via a website that appeared to have come from a trusted source. The virus was designed to steal people's online banking login details and passwords; it would then transmit the information back to the criminal network that uses it to steal from the victim’s accounts. Victims of botnets often don't realise their computers are attacked until they've suffered losses.
The case demonstrates what a burgeoning problem this is turning into. While certain criminals steal millions at a time from bigger businesses, many more hope to elude notice by swindling a relatively small amount from small businesses and individuals. As a matter of fact, many cyber criminals are trained in netting just a few hundred dollars from each victim. With possibly millions of victims out there, they can make huge sums without drawing too much attention.
Assistant U.S. attorney general for the Justice Department's criminal division, Leslie Caldwell said the campaign to close down Gameover Zeus began May 7, when Ukrainian officials confiscated computer servers in Kiev and Donetsk that helped administer the botnet. The Homeland Security Department's Computer Emergency Readiness Team is helping the victims to eliminate the Gameover Zeus malware.