The US Department of Justice announced yesterday that, over the weekend, a multinational law enforcement operation disrupted two major cyber threats: Gameover Zeus and Cryptolocker. While the former stole banking passwords, the latter locks users out of their own computers until they pay ransom.
Dubbed “Operation Tovar”, the stealth attack was carried out by the US government along with other governments and private sector leaders.
Gameover Zeus is a modified version of the popular Zeus Trojan that began appearing in 2007. It came into light back in 2011, and has since infected between 500,000 and 1 million computers worldwide, stealing more than $100 million from businesses and consumers.
"It is the most sophisticated and damaging botnet we have ever encountered”, the DOJ Deputy Attorney General James Cole said.
On the other hand, Cryptolocker infects a system by encrypting its files with a password unknown to the victim. It then displays a ransom note on the screen, instructing victims to transfer hundreds of dollars worth of Bitcoins to receive a password to decrypt their files.
The ransomware is estimated to have infected more than 200,000 computers around the globe, with more than half of those attacks occurring in the United States alone. In its first two months of operation, the criminals behind the malware collected over $27 million in ransom payments.
Meanwhile, the authorities have also identified and charged Russian national Evgeniy Bogachev, one of the leaders of the cybercriminal gang that is responsible for these schemes, with conspiracy, computer hacking, wire fraud, bank fraud, and money laundering.
Bogachev, who is believed to reside in Anapa, Russia, has been indicted in Pittsburgh, Pennsylvania for his role as an administrator of the Gameover Zeus botnet.