Gameover Zeus

Malware updated 4 months ago (2024-05-04T17:24:20.129Z)

Download STIX

Preview STIX

Gameover ZeuS, also known as P2P ZeuS, is a notorious piece of malware designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom. The Swiss Governmental Computer Emergency Response Team (GovCERT.ch) has been aware of Gameover ZeuS for years, taking measures against this threat in collaboration with Swiss Internet service providers since July 2013. In response to the growing threat posed by Gameover ZeuS and the CryptoLocker ransomware, an international alliance called Operation Tovar was formed. This coalition brought together law enforcement agencies, security firms, and researchers from around the world to combat these cyber threats. Their collective effort aimed to dismantle the extensive botnets utilized by both Gameover ZeuS and CryptoLocker, which were responsible for widespread system infiltration and data theft. Today, the U.S. Department of Justice (DOJ) and Federal Bureau of Investigation (FBI) announced the successful takedown of the GameOver ZeuS (GOZ) and CryptoLocker botnets. This marks a significant victory in the ongoing fight against cybercrime, demonstrating the effectiveness of international cooperation and concerted action against such threats. Despite this success, vigilance remains crucial as new forms of malware continue to emerge.

Description last updated: 2024-05-04T16:50:57.607Z

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.

ID	Votes	Profile Description
Zeus	4	Zeus is a notorious form of malware, or malicious software, designed to exploit and damage computer systems. It infiltrates devices often without the user's knowledge via suspicious downloads, emails, or websites. Once embedded within a system, Zeus can steal personal information, disrupt operations

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Malware

Botnet

Trojan

Ransomware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

ID	Type	Votes	Profile Description
cryptolocker	Unspecified	3	CryptoLocker is a type of malware known as ransomware that emerged as a significant cyber threat in the mid-2010s. This malicious software infiltrates systems through suspicious downloads, emails, or infected websites, often unbeknownst to the user. Once inside, it encrypts the system's files and de
Dridex	Unspecified	2	Dridex is a well-known malware, specifically a banking Trojan, that has been utilized by cybercriminals to exploit and damage computer systems. The malware infiltrates systems through dubious downloads, emails, or websites, often unbeknownst to the user, and can steal personal information, disrupt o

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

ID	Type	Votes	Profile Description
Evil Corp	Unspecified	2	Evil Corp, a threat actor group based in Russia, has been identified as a significant cybercrime entity responsible for the execution of malicious actions. The alleged leader of this group is Maksim Yakubets, who is notably associated with Dridex malware operations. The U.S. Treasury imposed sanctio

Source Document References

Information about the Gameover Zeus Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	a year ago	Emotet Rises Again: Evades Macro Security via OneNote Attachments
Krebs on Security	2 years ago	U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group
Recorded Future	2 years ago	Dark Covenant 2.0: Cybercrime, the Russian State, and War in Ukraine \| Recored Future
CERT-EU	a year ago	How the ZeuS Trojan Info Stealer Changed Cybersecurity
CERT-EU	2 years ago	What Is Domain Generation Algorithm? Definition and Role in Malware Attacks
MITRE	2 years ago	Treasury Sanctions Evil Corp, the Russia-Based Cybercriminal Group Behind Dridex Malware
CERT-EU	9 months ago	Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team
MITRE	2 years ago	Dridex (Bugat v5) Botnet Takeover Operation
CERT-EU	a year ago	How the FBI Fights Back Against Worldwide Cyberattacks
GovCERT CH	2 years ago	Detecting And Mitigating GameOver ZeuS (GOZ)
CERT-EU	6 months ago	Heimdal’s 10th Anniversary - Our Finest Hours