World’s Largest Cyber Crime Ring Disbanded
An international operation led by the United States caught a group of cyber criminals spearheading the largest cyber crime ring yet, one that infected approximately 500,000 to one million PCs globally. The group, allegedly led by Russian national Evgeniy Mikhaylovich Bogachev, who went by the aliases “lucky12345” and “slavic,” stole approximately $100 million from individuals and businesses worldwide starting in 2007. The botnet, a group of infected computers under the control of someone other than their owners, went by the name GOZ, short for Gameover Zeus, and mainly targeted bank accounts and credentials. A couple of notable targets of GOZ are Bank of Georgetown and Capital One.
Their main goal was to monetize the investment they made into getting into your machine, they were absolutely after dollars, pounds and euros.
-Dell Employee Don Smith
How did Gameover Zeus do it?
Generally, the GOZ hackers ensnared targets and obtained secure information by sending infected emails, a process known as “phishing.” Computer users would receive legitimate-looking email messages claiming to be from a trusted bank and stating that there was a problem with one of their prior financial transactions. Once the computer owner opened the email and clicked a link, unknowingly downloading the malware, it began a targeted search for financial information stored on the machine. The Gameover Zeus virus was initially spread by Cutwail, one of the largest known botnets, which popped up on the cybercrime scene in 2007 and is mostly involved with sending email messages containing viruses. In 2009, the Cutwail botnet contained the largest known number of infected machines.
The cyber crime ring also distributed malware called CryptoLocker, a form of what is known as ransomware, which makes the data on a computer inaccessible to its user and claims it will unlock the machine only after receiving payment of as much as $700. The GOZ botnet in particular was tricky to take down because of various components, namely its advanced ability to hide the location of its servers via data encryption.
The Demise of the Crime Ring
Members of several organizations worldwide, including the U.S. Department of Homeland Security, Intel Corp, Carnegie Mellon University and Microsoft Corp, had been tracking the activity of GOZ since it first appeared on the scene in 2007, well before they were able to take action and put an end to its criminal operations. The monitoring of the cybercrime ring was kept completely secret until the launch of “Operation Tovar,” which shut down the operations of the computers involved in spreading the viruses. United States organizations, mainly the FBI and the aforementioned companies, collaborated with Europol and the UK’s National Crime Agency to initiate a virtual ambush on Gameover Zeus. Authorities ended the cybercrime ring’s operations by shutting down the servers it was using to control the computers infected with its viruses.
Bogachev, believed to be the ringleader of the GOZ operation, is thought to be residing in Russia and has been added to the FBI’s Cyber Most Wanted List. Various publications, including the International Business Times, warned residents of the UK that although the cybercrime ring’s operations have been shut down, the ring may be able to regroup within two weeks and begin infecting machines once again. To keep their machines safe from future cyber attacks, experts urge computer users to install or update their security software and change passwords on important accounts.
Marisa Mostek (@MarisaJ44) loves globetrotting and writing, so she is living the dream by writing while living abroad in Japan and working as an English teacher. Marisa received her undergraduate degree from the University of Colorado in Boulder and a certificate in journalism from UCLA. Contact Marisa at staff@LawStreetMedia.com.