Your SlideShare is downloading. ×
Game overzeus
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Game overzeus

82

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
82
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. GameOver Zeus (GOZ) Malware and Botnet Architecture BUILDING THE BOTNET Cyber criminals create a network of compromised computers by sending emails with embedded malicious links or attachments or by enticing users to visit infected websites. Once infected, covertly installed malware connects computers to the botnet infrastructure without the owners’knowledge. COMMAND AND BOTNET USE A QUIET THREAT CONTROL SERVERS Infected computers are Botnets typically At the core of the botnet organized together to operate without obvious are servers which issue implement illicit orders visible evidence and can commands orchestrating various criminal activities. from the command and control servers. remain operational for years. GOZ malware can be used to download and install additional malware, including Cryptolocker, as well as extract banking credentials, which facilitates the illegal withdrawal of funds from individuals and businesses through financial institutions. The criminals’ability to access accounts at will undermines business integrity and public confidence and has the potential to threaten financial infrastructure. CryptoLocker Malware Computers compromised by the GOZ botnet may also be infected with CryptoLocker, a form of “ransomware.” • Victim files are encrypted and held“hostage” until the victim makes payment • More than 121,000 victims in the United States and 234,000 victims worldwide • There were approximately $30 million in ransom payments between September and December 2013 GOZ/CryptoLocker Scope • More than 1 million GOZ infections globally • Roughly 25% of infected computers are located in the United States • Losses estimated globally in the hundreds of millions of dollars • Key participation of 10 partner countries in support of takedown operation FBI CYD 1603.0514.4.2 EXT

×