Last month, U.S. and European law enforcement officials performed a coordinated takedown of the GameOver Zeus botnet. At the time, they claimed that the operation also neutralized the infamous CryptoLocker ransomware, which criminals had distributed using GameOver’s infrastructure.
However, Tyler Moffitt, a threat research analyst at the security firm Webroot, argued in a blog post yesterday that the FBI’s claims are dubious and that CryptoLocker remains in use. In particular, the FBI’s belief “that Cryptolocker has been neutralized by the disruption and cannot communicate with the infrastructure used to control the malicious software,” overlooks an important reality.
“The reason why this claim should be scrutinized is because it is only the samples dropped on victims’ computers that communicated to those specific servers seized that are no longer a threat,” Moffitt wrote. “All samples currently being deployed by different botnets that communicate to different command and control servers are unaffected by this siege…”
Full Article