Symantec MSS Threat Landscape Update – Gameover Zeus/Cryptolocker Takedown
Today, June 2nd, 2014, Symantec’s Security Response team published a blog post detailing the takedown of two of the most notorious pieces of financial fraud malware to date: Cryptolocker and the Gameover Zeus variant. The takedown was an international collaboration among agencies including the FBI, the UK’s National Crime Agency and other law enforcement agencies. Symantec, among other private sector companies, assisted the FBI in seizing a large portion of the malicious infrastructure.
The Gameover variant of Zeus has infected millions of computers since September 2011. This trojan is used to intercept banking transactions that are made by unsuspecting users. The transaction details are then used to defraud those users of their monetary assets. Symantec has created a removal tool to assist users in removing Gameover Zeus.
Cryptolocker is the latest form of ransomware. If a user falls victim to this trojan, it will encrypt files stored on the hard drive. The encryption used is strong and there is no method currently available to decrypt the data. The user is told that they must pay a ransom in order to receive the decryption key to recover their files. If a user decides not to pay the ransom, then they risk losing their personal files.
For more information on the takedown, please see Security Response’s blog post: