What is GameOver ZeuS (GOZ)?
GameOver ZeuS (GOZ) is peer-to-peer botnet malware that evolved from the earlier ZeuS trojan. It uses encrypted peer-to-peer communication between its nodes and command-and-control servers, which the predecessor did not have, to make investigative operations harder for law enforcement agencies. Like the original ZeuS Trojan, GOZ is used to steal financial information so that the cybercriminal can make illegal withdrawals of funds from companies and individuals through various financial institutions.
GameOver ZeuS is a further development of the original ZeuS Trojan; hence, it has more powerful features and better methods of evading detection. It achieves this through an encrypted peer-to-peer communication architecture, which makes it difficult to trace because activity cannot be traced immediately to a central operations server, and that in turn makes it very difficult to shut down the cybercriminal's activities. Another new capability is triggering a denial-of-service attack using the botnet that has been created. This capability often requires a completely different type of Trojan, but in this case it is built into GOZ.
GOZ is also able to install other malware on an infected computer. The most common is CryptoLocker, a form of "ransomware" that finds important files and then holds them hostage with strong encryption, so that the user is denied access until the user pays a ransom to get the files back. It was estimated that ransom payments of $30 million were made from September to December 2013 alone, and that 234,000 victims were infected worldwide, 121,000 of them in the United States.
GOZ was able to infect 1 million computers worldwide, and the losses have been estimated at hundreds of millions of dollars. It was only stopped in mid-2014 through the close cooperation of the affected countries, which halted both GameOver ZeuS and CryptoLocker. On February 24, 2015, the FBI announced a $3 million reward for information about the Russian cybercriminal closely associated with GOZ, Evgeniy Bogachev.