Microsoft announced today that it helped the FBI take down the GameOver Zeus botnet, which was one of the most active banking trojans of 2013.
Taking down botnets has been a top priority for Microsoft, and the company has had plenty of success so far in major operations such as Citadel, ZeroAccess and Rustock. Now, Microsoft has announced that it has managed to take down the GameOver Zeus botnet, malware related to the Zeus password-stealing trojan.
The GameOver Zeus botnet, which mainly attacks financial outfits, governmental offices and the public sector, is termed one of the most active banking trojans of 2013 by the Dell SecureWorks Counter Threat Unit. It has been reported to affect 500,000 to 1 million computers worldwide, causing losses of nearly $600 million. The botnet spreads using a downloaded file which is shared through a fake website created by the criminals or through phishing. Once installed on the target computer, the spyware begins logging sensitive data such as passwords, PINs and account information. The entire operation is based on P2P technology, making it entirely decentralized and tough to track down.
In order to take down the botnet, Microsoft analyzed the P2P network of the GameOver Zeus perpetrators and victims to trace back IP addresses. With the help of its own Cyber-Threat Intelligence Program (C-TIP), global Community Emergency Response Teams (CERTs) and Internet service providers (ISPs), it was then possible to clean up the affected computers.
As a gentle reminder, if you do not know the source of a file, do not open it, and if you find yourself being directed to a website to enter credentials, make sure the source email is legitimate.
Source: TechNet Blog | Image via Microsoft