http://www.businessweek.com/articles/2014-06-02/federal-agents-just-brought-down-the-worlds-worst-botnet


Federal Agents Just Brought Down the World’s Worst Botnet


An international operation led by the Department of Justice has disabled a hacking network that generated losses of more than $100 million in the U.S. since 2011. In an announcement on Monday, the department also disclosed charges against a 30-year-old Russian allegedly behind the Gameover Zeus botnet, a web of hundreds of thousands of infected computers used to steal money from bank accounts.

Gameover Zeus, which first emerged in September 2011, infected somewhere between 500,000 and 1 million computers, putting them in the control of hackers in Russia and Ukraine, according to legal documents (PDF) unsealed today. The main purpose of creating such a network, federal officials said, is to steal banking credentials and then use them to make wire transfers overseas.

The botnet’s capabilities sound plenty scary. Let’s say the hackers got a log-in and password for an account at Bank X and arranged for a fraudulent wire transfer. The bots could be used to attack the bank’s network to distract from examination of the transfer, says Brett Stone-Gross, a researcher for Dell SecureWorks who helped with the technical aspects of the takedown. It would even become harder for the account holder to alert the bank of fraudulent activity.

“This botnet caused a tremendous amount of damage,” Stone-Gross says. “It probably caused more damage than any other botnet previously, based on the amount of financial fraud.”

The hackers used the same network to spread a malicious program called Cryptolocker, which takes control of a computer, encrypts its contents, and demands ransom from the user to regain access to his files. The program is likely the work of the same group of hackers, says Stone-Gross.

The federal indictment unsealed at a court in Pittsburgh on Monday names Evgeniy Mikhailovich Bogachev, a Russian citizen and resident of the Black Sea city of Anapa, as the head of the group controlling the botnet. He might also be the author of the original Zeus malware, which emerged in 2007. U.S. authorities tracked his online activities by monitoring a computer server in the U.K. used to administer the botnet.

The international cooperation behind the takedown is impressive. The Justice Department press release mentions law enforcement units from Australia, the Netherlands, Germany, France, Italy, Japan, Luxembourg, New Zealand, Canada, Ukraine, and the U.K.

The real question now is how long it takes the criminals to construct a new network, and whether the U.S. indictment limits Bogachev and his allies—that is, if he is the mastermind depicted in the indictment.

Lawrence is a reporter for Bloomberg News in New York.
