The Department of Justice announced on Monday it has taken control of computer servers known as Gameover Zeus Botnet that were used by cybercriminals to spread malware viruses, allowing them to steal millions of dollars from companies and consumers.
Federal authorities from the United States and dozens of foreign countries have also collaborated in a separate operation to seize computers that distributed the malware virus known as CryptoLocker — a program that locked a computer and forced the victim to pay a ransom to regain access to their device.
CryptoLocker, which emerged in Great Britain in September 2013, uses malware to encrypt the files on an infected computer, then locks the user out of the machine. Once the computer has been locked a ransom note is displayed on the computer screen demanding the user pay as much as $700 in Bitcoins or an untraceable credit card to regain access. If a user does not pay the ransom in the time frame given, the computer becomes permanently locked and the files are impossible to retrieve.
Gameover Zeus, also known as P2P Zeus, has infected nearly a million computers worldwide since September 2011, and has been used to intercept online banking transactions. Once the software is installed, it remains on the infected computer, and the computer then becomes part of a network of other infected computers, creating what is known as a botnet.
The botnet can be used to collect online banking passwords or infect more computers. To date the FBI believes more than $100 million has been stolen using Gameover Zeus.
It is estimated that more than 234,000 computers worldwide have been infected with CryptoLocker, with more than 100,000 of those computers in the U.S., according to the Department of Justice.
The Department of Justice said any computer that federal agents have identified as being infected with the botnet has been redirected to cybersquads at the Department of Homeland Security and private security companies will help those users remove the programs from their computers.
Evgeniy Mikhailovich Bogachev, 30, from Anapa, Russia, was charged on May 19 in a 14-count indictment for directing the CryptoLocker botnet. Bogachev has been charged with conspiracy, computer hacking, wire fraud, bank fraud and money laundering, according to the indictment, which was unsealed in Pittsburgh on Monday. He was also indicted in 2012 by his screen name, Lucky12345.
Bogachev was also charged with conspiracy to commit bank fraud in Omaha, Nebraska, for allegedly being involved with Jabber Zeus, an earlier version of the Gameover Zeus malware.
Court documents show Bogachev went by the computer nickname "Slavik," a name used for the leaders of a close-knit group of cyber criminals who operate from Russia and Ukraine and are allegedly responsible for creating both Gameover Zues and CryptoLocker.
Bogachev, who remains at large, has also used the screen name pollingsoon. Robert Anderson, executive assistant director of the FBI, called Bogachev "one of the most prolific cyberactors in the world."
Al Jazeera
Error
Sorry, your comment was not saved due to a technical problem. Please try again later or using a different browser.