Federal agents knock down Zeus Botnet, CryptoLocker
Source: USA Today
Kevin Johnson and Donna Leinwand Leger 1:38 p.m. EDT June 2, 2014
WASHINGTON -- The U.S. has seized a global network of computer servers known as Gameover Zeus Botnet used by cyber criminals to spread malware viruses and steal millions of dollars from businesses and consumers, the Justice Department said Monday.
U.S. and foreign law enforcement agents in a separate action also seized the computers that distributed malware known as "CryptoLocker" that locks computers until the victims pay a ransom.
A 14-count indictment, unsealed Monday in Pittsburgh, charges Evgeniy Mikhailovich Bogachev, 30, of Anapa, Russia, with directing the Gameover Zeus Botnet. Charges include conspiracy, computer hacking, wire fraud, bank fraud and money laundering. Bagchev is also charged in Omaha with conspiracy to commit bank fraud for his alleged involvement with an earlier version of the Zeus malware called "Jabber Zeus."
Court documents identify Bogachev as "Slavik," a computer nickname for a notorious leader of a tightly knit gang of cyber criminals based in Russia and Ukraine allegedly responsible for both Gameover Zeus and CryptoLocker. The hackers allegedly used the gameover Zeus network of infected computers to distribute CryptoLocker. Federal investigators also say Bogachev used other online names, including "Pollingsoon" and "Lucky12345."
Read more: http://www.usatoday.com/story/news/nation/2014/06/02/global-cyber-fraud/9863977/
Deputy Attorney General James Cole Delivers Remarks at Press Conference for Gameover Zeus and Cryptolocker Operations
Washington, D.C. ~ Monday, June 2, 2014
Good afternoon and welcome, everyone.
Today, we are here to announce that, over the weekend, the Department disrupted two extremely damaging cyber threats – the financial botnet known as Gameover Zeus and the malicious software known as Cryptolocker. Gameover Zeus has secretly diverted millions of dollars to bank accounts of criminals across the globe while Cryptolocker – a ransomware scheme – has shutout hundreds of thousands of users from their own computers and data and demanded that victims pay to get access back to their own machines and information.
We also have identified and charged one of the leaders of the Eastern European cybercriminal gang that is responsible for these schemes. Evgeniy Bogachev, a Russian national, has been indicted in Pittsburgh, Pennsylvania for his role as an administrator of the Gameover Zeus botnet. Bogachev – a true 21st Century criminal who commits cybercrimes across the globe with the stroke of a key and the click of a mouse – is also charged in a newly unsealed criminal complaint in Omaha, Nebraska, for orchestrating a related botnet scheme. These crimes have earned Bogachev a place on its list of the world’s most-wanted cyber criminals.
As alleged in the unsealed indictment, Gameover Zeus is the most sophisticated and damaging botnet we have ever encountered. Frequently targeting the computers of small and mid-size businesses, the Gameover Zeus software intercepts passwords and other private information that can be used to conduct wire transfers, and then initiates or re-directs wire transfers from victims’ bank accounts to foreign bank accounts controlled by the criminals. Individual fraudulent wire transfers conducted through Gameover Zeus commonly exceed $1 million. At least one fraudulent wire transaction amounted to $6.9 million. Security researchers estimate that between 500,000 and 1 million computers worldwide are infected with Gameover Zeus, and that approximately 25 percent of the infected computers are located in the United States. The total losses worldwide are unknown, but we believe that losses exceed $100 million to U.S. victims alone. Because many of the victims are small- and mid-sized businesses, their accounts typically do not have the same legal protections afforded to consumer accounts, so such losses can be devastating.
Cryptolocker is a form of “ransomware,” a type of malicious software that prevents victims from accessing their computer files until they make a ransom payment to the criminals. It is the most sophisticated form of ransomware we have yet seen. Once it infects a victim’s computer, Cryptolocker encrypts its files and displays a ransom note on the screen, instructing victims to pay hundreds of dollars – typically in the cryptocurrency Bitcoin – to receive a password to decrypt their files. As of April 2014, Cryptolocker had attacked more than 200,000 computers, and more than half of those attacks occurred here in the United States. In its first two months of operation alone, it has been estimated that the criminals behind Cryptolocker collected over $27 million in ransom payments from victims seeking to get access to their files back.
U.S. leads global effort to disrupt cyber crime ring
By Jim Finkle, Aruna Viswanatha and Julia Edwards
BOSTON/WASHINGTON Mon Jun 2, 2014 1:58pm EDT
BOSTON/WASHINGTON (Reuters) - A U.S.-led international operation disrupted a crime ring that had infected hundreds of thousands of PCs around the globe with malicious software used for stealing banking credentials and cyber extortion, the Justice Department said on Monday.
Authorities used technical and legal tactics to interrupt the so-called botnet's operations, shutting down the servers the cyber criminals used to control infected machines and causing those machines to "phone home" to servers controlled by law enforcement.
= new reply since forum marked as read
