Gameover Zeus Decides to TRY AGAIN


try-again-mergedOver one month ago, the FBI coordinated with international authorities in Operation Tovar, to successfully interrupt the criminal botnet of Gameover Zeus. Today, reports indicate that it isn’t Game Over just yet. Early this morning, researchers uncovered a spam campaign using attached zip files containing malware. Upon closer inspection, said malware was found to share 90% of its code base with Gameover Zeus.

There was, however, one big difference. Whereas the original Gameover botnet relied upon P2P, TRY AGAIN Zeus uses fast-flux hosting, an evasive technique that allows the botnet to hide its distributive phishing sites behind a constantly shuffling list of infected, proxy computers. Accordingly, fast-flux will make TRY AGAIN Zeus harder to combat for info sec law enforcement.

As always, those receiving mysterious attachments/links via email related to financial matters are urged not to open them or click. Those running Emsisoft: rest assured, we’ve got your back. And, those seeking further details, look no further than coverage from Mr. Brian Krebs.

Protect your device with Emsisoft Anti-Malware.

Did your antivirus let you down? We won’t. Download your free trial of Emsisoft Anti-Malware and see for yourself. Start free trial

Have a Great (Zeus-Free) Day!

Senan Conrad

Senan Conrad

As a cybersecurity enthusiast, Senan specializes in giving readers insight into the ever-changing world of malware, and the ransomware scene in particular. When he's not tapping away at his keyboard, you can catch Senan drinking a good coffee or tinkering in his workshop.

What to read next