Despite Microsoft’s takedown, GameOver Zeus botnet rises again

remote access laptop hacker security

Back in early June Microsoft announced it had taken down the GameOver Zeus botnet, in an effort to protect customers. But, thwarting the internet bad guys is much more difficult in practice than it is in theory. Now security researches claim the phoenix is rising from its ashes.

The folks at Arbor Networks, a security research firm, have been keeping regular tabs, and have noted a sudden and very rapid growth. The rise is actually due to a new variant that seems to be spreading quickly, but has become most prevalent in the US.

The firm tracked the variant, known as “newGOZ”, through the final two weeks of July. In the short period between July 14th and 25th the firm saw a rise from 127 victims to an astonishing 8,494. However the final check, on July 29th, actually showed a nice drop-off of 27 percent, which should be encouraging for all.

But before you get too excited about that reprieve, Arbor points out “as with all sinkhole data, many variables can affect the accuracy of victims such as network topology (NAT and DHCP), timing, and other security researchers. However, we feel that the data provides a good estimation of the current scope of this new threat”.

Not a single continent, excepting Antarctica, was safe from the infestation, though North America, especially the US, ranked quite a bit higher than other victims. In fact the US accounted for 44 percent of the victims, followed by India at 22 percent. The UK finished third in this race nobody wishes to run, coming in at 10 percent.

The researchers conclude with several questions regarding this new threat — will the perpetrators continue using this attack? If so, will it continue to grow? Will those behind it return to the original P2P version, which had a higher infection rate?

gameover-zeus

Photo Credit: Korn/Shutterstock

betanews.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s