Microsoft and FBI team up to take down GameOver Zeus botnet

By the botnet of Zeus!

Microsoft has lent its botnet-busting muscles to the FBI to help it defeat the GameOver Zeus (GOZ) trojan, an aggressive piece of malware targeting passwords and online bank account details.

The trojan, which was the most active banking trojan of 2013, has been responsible for causing an estimated $100 million (£60 million) in losses after infecting more than 1 million consumer and business PCs worldwide.

However, according to a Microsoft blog post, a multinational team effort between itself, the FBI, government agencies and private companies has effectively de-clawed the threat, meaning it now poses no threat to infected computers.

Companies including Microsoft and Symantec are providing tools to remove the threat, which poses a risk to Windows PCs (Windows 95, 98, ME, 2000, XP, Vista, 7, 8 and Windows Server 2003, 2008 RT and 2012).

Peer-to-fear

GameOver Zeus is a peer-to-peer (P2P) variant of an existing bank credential-stealing malware called Zeus, which was active around 2007. It allows cyber criminals to create malicious websites that infect visitors with malware, which can also be spread by phishing.

Because it operates over P2P (instead of being hosted on traceable servers), Microsoft says it had to conduct analysis to develop a "cleaning solution" used disrupt the criminal operation. This also allowed it to notify owners of infected computers by identifying compromised IP addresses.

On May 2, the National Crime Agency gave computer users in the UK a two-week window to protect their machines after it came to light that the virus also distributes a previously known piece of malware called Cryptolocker, which holds a computer to "ransom" until the owner coughs up a monetary payment.