Redmond has promised to try to clean all infected computers

Jun 3, 2014 05:59 GMT

Microsoft, the FBI, and a number of other partners, including McAfee and Dell, have joined forces on what is being called Operation Tovar, a global effort intended to take down the GameOver Zeus botnet.

Redmond itself has promised to help clean the infected computers by developing a dedicated solution after an in-depth analysis of the P2P network. The company has also said that it would work with global Community Emergency Response Teams (CERTs) and Internet service providers (ISPs) to determine the IP addresses of those affected by the malware and get in touch with them to help remove the malware.

In the future, Microsoft promises that all those who have been infected by the malware will continue to be notified and assisted as they try to clean their computers.

The GameOver Zeus botnet was designed to steal banking details with the help of malicious websites that distribute malware to unprotected computers. At the same time, cybercriminals are using other tactics to infect PCs, such as emails which Microsoft claims “appear to be legitimate communications from well-known businesses and organizations.”

“These deceptive emails contain realistic language that could entice the recipient to click on a link or attachment, which ultimately deploys the GameOver Zeus malware onto the victim’s computer,” the company said.

Once the malware reaches a computer, it is enabled automatically when the infected machine launches the browser, logging details and providing cybercriminals with access to passwords and private account information.

“The infected computer sends stolen data to the botnet’s C&C server, and stores it there for later use by the criminal,” Microsoft explained.

“GameOver Zeus has many similar properties to Zeus, such as logging keystrokes to steal banking credentials, but it also comes packaged with malicious functions that allow it to launch distributed denial-of-service (DDoS) attacks against financial institutions.”

Of course, several other variants have also been developed, including a version that's specifically aimed at job recruiters. Once it reaches a vulnerable computer, it tries to steal log-in credentials for job search websites, according to security companies.

“Variants have allowed GameOver Zeus to circumvent perimeter security including firewalls, webfilters and network intrusion detection systems, by disguising itself as an encrypted .EXE file,” Redmond also pointed out.

The GameOver Zeus botnet is considered one of the most active banking-information-stealing Trojans of the last year, with some estimates pointing to up to 1 million infected computers. Losses caused by the malware are said to reach $600 million (€441 million).