Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Cyber Crooks Revive Deadly Malware known as GameOver Zeus

Ibtimes.co.uk reported on 11th July, 2014 stating that law enforcement agencies have taken down the Gameover Zeus (GOZ) botnet globally but after five weeks of that successful take down, cybercriminals have begun reviving the deadly malware.

Security researchers of security firm Malcovery found a series of new spam campaigns on Thursday, 10th July, 2014 which were spreading a malware which looked like GOZ binary. The campaigns mainly contain fake notifications from financial institutions like NatWest and M&T bank with emails containing a zip file with a .scr attachment.

The malware is executed by using a domain generation algorithm (DGA) to contact its C&C server. The domain names generated are not related to the old Gameover Zeus but experts feel that the DGA is very similar.

Researchers observed another interesting aspect that the new Trojan doesn't use a Peer-to-Peer (P2P) infrastructure like the old one to make takedown efforts more difficult. Instead of that, it depends on Fast Flux technique involving an ever-changing network of compromised hosts which act as proxies to hide phishing websites and malware delivery.

Securityweek.com published news on 11th July, 2014 quoting Brendan Griffin and Gary Warner, Security researchers with Malcovery, as saying "In the original GameOver Zeus, the domain generation algorithm and its related command and control resources serve the botnet as a reserve to the peer-to-peer botnet which serves as primary means of distribution of this malware's instructions to infected machines. The operators of GameOver botnet may distribute commands to infected machines with which the peer-to-peer botnet has lost contact by using the related websites with the domain generation algorithm."

V3.co.uk published news on 11th July, 2014 quoting Tom Cross, Lancope Director of Security Research, as saying 'the botnet is expected to develop in near future and IT managers should be extra vigilant for that."

The new GameOver Zeus campaign is one of the several developed cyber attacks which were discovered in the first two weeks of July, 2014. Researchers of FireEye discovered a new botnet codenamed BrutPOS on Wednesday, 9th July, 2014 attacking point-of-sale (POS) systems to steal banking credentials.

ยป SPAMfighter News - 7/18/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next