Saturday, July 12, 2014

Gameover Zeus Decides to TRY AGAIN

try-again-mergedOver one month ago, the FBI coordinated with international authorities in Operation Tovar, to successfully interrupt the criminal botnet of Gameover Zeus. Today, reports indicate that it isn’t Game Over just yet. Early this morning, researchers uncovered a spam campaign using attached zip files containing malware. Upon closer inspection, said malware was found to share 90% of its code base with Gameover Zeus.


There was, however, one big difference. Whereas the original Gameover botnet relied upon P2P, TRY AGAIN Zeus uses fast-flux hosting, an evasive technique that allows the botnet to hide its distributive phishing sites behind a constantly shuffling list of infected, proxy computers. Accordingly, fast-flux will make TRY AGAIN Zeus harder to combat for info sec law enforcement.


As always, those receiving mysterious attachments/links via email related to financial matters are urged not to open them or click. Those running Emsisoft: rest assured, we’ve got your back. And, those seeking further details, look no further than coverage from Mr. Brian Krebs.


Have a Great (Zeus-Free) Day!



Related Posts:


  • Authorities Crackdown on Gameover Zeus and CryptoLocker

  • Alert! Monster.com Serving Gameover Zeus

  • Coup des autorités contre Gameover Zeus et CryptoLocker

  • Schlag der Behörden gegen Gameover Zeus und CryptoLocker

  • Zeus Found Crawling through Salesforce.com



Gameover Zeus Decides to TRY AGAIN

No comments:

Post a Comment