GameOver Zeus botnet back from the dead despite Microsoft's takedown

Status
Not open for further replies.

Petrovic

Back in early June Microsoft announced it had taken down the GameOver Zeus botnet, in an effort to protect customers. But, thwarting the internet bad guys is much more difficult in practice than it is in theory. Now security researchers claim the phoenix is rising from its ashes.

The folks at Arbor Networks, a security research firm, have been keeping regular tabs, and have noted a sudden and very rapid growth. The rise is actually due to a new variant that seems to be spreading quickly, but has become most prevalent in the US.

The firm tracked the variant, known as "newGOZ", through the final two weeks of July. In the short period between July 14th and 25th the firm saw a rise from 127 victims to an astonishing 8,494. However the final check, on July 29th, actually showed a nice drop-off of 27 per cent, which should be encouraging for all.

But before you get too excited about that reprieve, Arbor points out "as with all sinkhole data, many variables can affect the accuracy of victims such as network topology (NAT and DHCP), timing, and other security researchers. However, we feel that the data provides a good estimation of the current scope of this new threat".

Not a single continent, excepting Antarctica, was safe from the infestation, though North America, especially the US, ranked quite a bit higher than other victims. In fact the US accounted for 44 per cent of the victims, followed by India at 22 per cent. The UK finished third in this race nobody wishes to run, coming in at 10 per cent.

The researchers conclude with several questions regarding this new threat - will the perpetrators continue using this attack? If so, will it continue to grow? Will those behind it return to the original P2P version, which had a higher infection rate?


Aura

This is really old news lol, I posted this on other forums like a month ago.
Also, just want to point out that the people behind that "revival" are starting from scratch: new servers, a modified variant of GOZ and 0 slaves, and they want to make their way to the top once again.
 