Gameover ZeuS

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Not to be confused with Zeus (malware).

Gameover ZeuS is a peer-to-peer botnet based on components from the earlier ZeuS trojan. It is believed to have been spread through use of the Cutwail botnet.[1]

Unlike its predecessor the ZeuS trojan, Gameover ZeuS uses an encrypted peer-to-peer communication system to communicate between its nodes and its command and control servers, greatly reducing its vulnerability to law enforcement operations.[1] The algorithm used appears to be modeled on the Kademlia P2P protocol.[2]

According to a report by Symantec, Gameover Zeus has largely been used for banking fraud and distribution of the CryptoLocker ransomware.[3]

In early June 2014, the U.S. Department of Justice announced that an international inter-agency collaboration named Operation Tovar had succeeded in temporarily cutting communication between Gameover ZeuS and its command and control servers.[4][5]

On 24 February 2015, the FBI announced a reward of up to $3 million in exchange for information regarding Russian cyber criminal Evgeniy Bogachev over his association with Gameover ZeuS.[6]

Bitdefender has identified two Gameover Zeus variants in the wild: one of them generates 1,000 domains per day and the other generates 10,000 per day.[7]

Fox-IT helped to end the Gameover ZeuS criminal network.[8]


  1. ^ a b Brian Krebs (2 June 2014). "‘Operation Tovar’ Targets ‘Gameover’ ZeuS Botnet, CryptoLocker Scourge". Krebs on Security. 
  2. ^ Brett Stone-Gross (23 July 2012). "The Lifecycle of Peer-to-Peer (Gameover) ZeuS". Dell SecureWorks. Retrieved 4 July 2014. 
  3. ^ "International Takedown Wounds Gameover Zeus Cybercrime Network". Symantec. 2 June 2014. 
  4. ^ John E. Dunn (2 June 2014). "Operation Tovar disconnects Gameover Zeus and CryptoLocker malware - but only for two weeks". TechWorld. 
  5. ^ "U.S. Leads Multi-National Action Against "Gameover Zeus" Botnet and "Cryptolocker" Ransomware, Charges Botnet Administrator". U.S. Department of Justice. 2 June 2014. 
  6. ^ Perez, Evan. "U.S. puts $3 million reward for Russian cyber criminal". CNN. CNN. Retrieved 24 February 2015. 
  7. ^ Cosovan, Doina (6 August 2014). "Gameover Zeus Variants Targeting Ukraine, US". BitDefender LABS. 
  8. ^ "End of Gameover ZeuS". Automatiseringsgids. 8 August 2015.