Gameover Zeus Decides to TRY AGAIN


try-again-mergedOver one month ago, the FBI coordinated with international authorities in Operation Tovar, to successfully interrupt the criminal botnet of Gameover Zeus. Today, reports indicate that it isn’t Game Over just yet. Early this morning, researchers uncovered a spam campaign using attached zip files containing malware. Upon closer inspection, said malware was found to share 90% of its code base with Gameover Zeus.

There was, however, one big difference. Whereas the original Gameover botnet relied upon P2P, TRY AGAIN Zeus uses fast-flux hosting, an evasive technique that allows the botnet to hide its distributive phishing sites behind a constantly shuffling list of infected, proxy computers. Accordingly, fast-flux will make TRY AGAIN Zeus harder to combat for info sec law enforcement.

As always, those receiving mysterious attachments/links via email related to financial matters are urged not to open them or click. Those running Emsisoft: rest assured, we’ve got your back. And, those seeking further details, look no further than coverage from Mr. Brian Krebs.

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

Have a Great (Zeus-Free) Day!

Senan Conrad

Senan Conrad

Senan specializes in giving readers insight into the constantly and rapidly changing world of cybersecurity. When he’s not tapping away at his keyboard, he enjoys drinking a good coffee or tinkering in his workshop.

What to read next

Newsletter

Malware never sleeps. Be sure to stay up-to-date on emerging threats.

Emsisoft > Blog > Malware Lab > Security Alerts > Gameover Zeus Decides to TRY AGAIN