Unlike its predecessor the ZeuS trojan, Gameover ZeuS uses an encrypted peer-to-peer communication system to communicate between its nodes and its command and control servers, greatly reducing its vulnerability to law enforcement operations. The algorithm used appears to be modeled on the Kademlia P2P protocol.
In early June 2014, the U.S. Department of Justice announced that an international inter-agency collaboration named Operation Tovar had succeeded in temporarily cutting communication between Gameover ZeuS and its command and control servers.
Bitdefender has identified two Gameover Zeus variants in the wild: one of them generates 1,000 domains per day and the other generates 10,000 per day.
- Brian Krebs (2 June 2014). "‘Operation Tovar’ Targets ‘Gameover’ ZeuS Botnet, CryptoLocker Scourge". Krebs on Security.
- Brett Stone-Gross (23 July 2012). "The Lifecycle of Peer-to-Peer (Gameover) ZeuS". Dell SecureWorks. Retrieved 4 July 2014.
- "International Takedown Wounds Gameover Zeus Cybercrime Network". Symantec. 2 June 2014.
- John E. Dunn (2 June 2014). "Operation Tovar disconnects Gameover Zeus and CryptoLocker malware - but only for two weeks". TechWorld.
- "U.S. Leads Multi-National Action Against "Gameover Zeus" Botnet and "Cryptolocker" Ransomware, Charges Botnet Administrator". U.S. Department of Justice. 2 June 2014.
- Perez, Evan. "U.S. puts $3 million reward for Russian cyber criminal". CNN. CNN. Retrieved 24 February 2015.
- Cosovan, Doina (6 August 2014). "Gameover Zeus Variants Targeting Ukraine, US". BitDefender LABS.
|This computer security article is a stub. You can help Wikipedia by expanding it.|
|This law enforcement–related article is a stub. You can help Wikipedia by expanding it.|