Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
GameOver ZeuS (GOZ) is a peer-to-peer botnet malware that is an evolution of the earlier ZeuS Trojan and uses encrypted peer-to-peer communication between its nodes and command and control servers, which its predecessor did not have, making it more elusive to law enforcement detection operations. Like the original ZeuS Trojan, GOZ is used to steal financial information so that the cybercriminal is able to make illegal withdrawals of funds from businesses and individuals through various financial institutions.
GameOver ZeuS is an evolution of the original ZeuS Trojan; hence, it has more powerful features and better evasion methods against detection. This comes in the form of an encrypted peer-to-peer architecture for communication, which makes it more difficult to track and trace since it cannot be immediately tracked to a central operation server, making it very difficult to shut down the cybercriminal's activities. Another new capability is the ability to initiate a denial-of-service attack through the created botnet. This capability often requires an entirely different type of Trojan, but, in this case, it is built into GOZ.
GOZ is also able to install other malware into an infected computer, the most common of which is CryptoLocker, a form of "ransomware," which finds important files and then holds them hostage through a strong encryption so that the user is denied access until the user pays ransom money to get the files back. It was estimated to have received $30 million in ransom payments from September to December 2013 alone, and it was estimated to have infected 234,000 victims worldwide, 121,000 of whom are in the United States.
GOZ was able to infect 1 million computers globally, and losses were estimated to be in the hundreds of millions of dollars. It was only stopped through the close cooperation of affected countries in mid 2014, stopping both GameOver ZeuS and CryptoLocker. And in February 24, 2015, the FBI announced a reward of $3 million for information regarding the Russian cybercriminal closely associated with GOZ, Evgeniy Bogachev.