FEDweek IT

The Justice Department has unsealed criminal charges against the administrator of a botnet called Gameover Zeus (GOZ), which is being used to steal millions of dollars around the world. It is also leading an international effort to disrupt the botnet’s global network of infected computers.

Justice said US and foreign law enforcement officials are working together to seize computer servers central to the malware known as Cryptolocker, which encrypts the files on a victim’s computer until the victim purchases a key to unlock them. Cryptolocker is also tied to the alleged GOZ administrator (Evgeniy Mikhailovich Bogachev, 30, of Anapa, Russian Federation).

An investigation led in Washington DC identified the Gameover Zeus network as a common distribution mechanism for Cryptolocker. Unsolicited emails containing an infected file purporting to be a voicemail or shipping confirmation are also widely used to distribute Cryptolocker and, when opened, infect victims’ computers.

This appears to affect primarily Windows machines. US-CERT has a remediation protocol here: https://www.us-cert.gov/gameoverzeus.