Bank-stealing malware returns after US crackdown

Jul 11, 2014
Malicious software used to steal millions from bank accounts has re-emerged a month after US authorities broke up a major hacker network using the scheme, security researchers say.

The security firm Malcovery said it identified a new trojan based on the Gameover Zeus malware, which officials said infected up to one million computers in 12 countries, and was blamed in the theft of more than $100 million.

"This discovery indicates that the criminals responsible for Gameover's distribution do not intend to give up on this botnet even after suffering one of the most expansive botnet takeovers/takedowns in history," Malcovery said in a blog post Thursday.

By infecting large numbers of computers, the hackers were able to control the devices to steal passwords and send out emails to further spread the infection.

The news came as the Department of Justice said it had made progress in rooting out the malware infections.

In a status report filed in court, officials said that "all or nearly all of the active computers infected with Gameover Zeus have been liberated from the criminals' control and are now communicating exclusively with the substitute server established pursuant to court order."

A blog post by the security firm Emsisoft said the new variant may be harder to combat, because it is using "an evasive technique that allows the botnet to hide its distributive phishing sites behind a constantly shuffling list of infected, proxy computers."

Gameover Zeus, which first appeared in September 2011, stole bank information and other confidential details from victims.

The FBI blamed Gameover Zeus for the theft of more than $100 million, obtained by using the stolen bank data and then "emptying the victims' bank accounts and diverting the money to themselves."

The June crackdown also targeted another computer virus, dubbed "Cryptolocker," which appeared in September 2013.

Russian Evgeniy Mikhailovich Bogachev, 30, an alleged administrator of the network, was charged in Pittsburgh, Pennsylvania, with 14 counts including conspiracy, computer hacking, bank fraud and money laundering in the Gameover Zeus and Cryptolocker schemes.
