Weeks after Gameover ZeuS shut down, a new derivative emerges

Security analysts have detected a new strain of malware based heavily on the Gameover ZeuS, which infected users’ computers and joined them up to a massive botnet. That botnet, in turn, specifically was designed to steal banking passwords on Windows machines.

The revival comes just six weeks after American authorities announced a global takedown of the botnet earlier this year. Prosecutors say Gameover ZeuS’ masterminds have stolen more than $100 million as a result.

In a sneaky move similar to its predecessor, the new strain uses a “Domain Generation Algorithm” (DGA), where the infected computer attempts to contact a list of gibberish domain names. In this case, the analysts at the security firm Malcovery determined that it was able to successfully connect to the domain cfs50p1je5ljdfs3p7n17odtuw.biz.

Read 4 remaining paragraphs | Comments