The US Justice Department is going to have a crack at taking down the Gameover ZeuS botnet.
The network of hacked Microsoft Windows computers is believed to comprise between 500,000 and 1 million compromised systems. Members of the botnet are mined for sensitive financial and personal data and then rented to hackers for use in online extortion attacks, spam and other illicit moneymaking schemes.
An attack on Gameover, dubbed “Operation Tovar,” began late last week and is a collaborative effort by investigators at the FBI, Europol, and the UK’s National Crime Agency; security firms CrowdStrike, Dell SecureWorks, Symantec, Trend Micro and McAfee; and academic researchers at VU University Amsterdam and Saarland University in Germany.
Gameover ZeuS has since October 2011 been controlled and maintained by a gang of hackers from Russia and Ukraine. According to the Justice Department, Gameover has been implicated in the theft of more than $100 million in account takeovers.
Getting control of Gameover ZeuS might be a bit tricky as it uses an advanced peer-to-peer (P2P) mechanism to control and update the bot-infected systems. Microsoft’s 2012 takedown action had no effect on the P2P version of ZeuS because of its network architecture.
The Justice Department published a complaint that names Evgeniy Mikhailovich Bogachev, allegedly a Russian citizen and the alleged author of the ZeuS Trojan, as responsible for the malware.