Free Essay

Gameover Zeus & Cryptolocker

In: Computers and Technology

Submitted By Dylankx
Words 1335
Pages 6
Gameover ZeuS and Cryptolocker

University of Maryland University College

Covered in this paper is how virulent software such as Gameover ZeuS and Cryptolocker can wreak havoc on a system causing all types of issues. Items covered are what type of software each of these malicious codes is categorized as. What a botnet and ransomware are and how they can affect a system. The type of threats that Gameover ZeuS and Cryptolocker are categorized as, such as a confidentiality breach, integrity breach or an availability breach. Lastly the types of intervention and prevention that can be done to mitigate an attack, or prevent it in the first place. Tackling software such as these before being spread can mean the difference between hundreds and even thousands of dollars in damage.

Gameover ZeuS and Cryptolocker
Gameover ZeuS was what most would consider a really nasty Trojan horse. Thought to be created by Evgeniy M. Bogachev, a 30 year old man from Russia, the supposed ring leader of the whole operation. It is thought that the Trojan infected between 500,000 and one million computers, and syphoning over 100 million dollars into the attackers accounts. Gameover ZeuS was a Trojan that created a botnet and also carried another payload with it, Cryptolocker. Cryptolocker was a type of ransomware that prompted users to enter personal information and money to “remove” the virus (Herman, n.d.). How did these two pieces of software work together to cause so much chaos?
We have established that Gameover ZeuS is a botnet and Cryptolocker is a ransomware, but what exactly is a botnet and ransomware? A botnet is best described by Margaret Rouse (2012), “...a number of internet computer that, although their owners are unaware of it, have been set up to forward spam/viruses to other computers on the internet…” Her definition is a clear statement of what to expect from a virus meant to wreak havoc. Ransomware on the other hand is they pay load that something like a botnet can carry making it even more troublesome. A ransomware is a type of Trojan horse that can make a computer completely unusable until the owner pays a fee to let the user have access again (Herman, n.d.).
Now that we have identified what types of malicious software we are talking about lets dive into how they caused so much chaos. How was Gameover ZeuS delivered to so many computers? Gameover ZeuS was often spread by spam email and phishing scams. Phishing scams are a type of email that contains a link to a legitimate looking website or an email requesting personal information (Rouse, 2007). Once Gameover ZeuS was on the infected computer it has a P2P communication infrastructure that allowed it to talk to other computers and be controlled by a botmaster or a sub-botmaster. This allowed it to easily control other computers and do things such as deliver malicious software such as Cryptolocker, hijack bank accounts, DDoS attacks, stealing Bitcoins, and theft of online credentials ("Gameover Zeus," n.d.).
Speaking in terms of what Gameover ZeuS and Cryptolocker can do we need to address what types of impact it can have on a system. These two malicious software’s working in conjunction can compromise confidentiality, integrity and availability; this is what makes these two software’s so dangerous. They can be capable of massive amounts of damage. They can compromise confidentiality due to the face that Gameover ZeuS has a built in key logger and can obtain online credentials such as usernames and passwords. Cryptolocker works in the same way in the fact that you would have to put in personal information to buy your way out of the encrypted lockout ("Gameover Zeus," n.d.).
Integrity of the system can be compromised as well, and we will address how first with Gameover ZeuS. Gameover ZeuS is a botnet so it has tons of other features other than spreading itself by email/phishing scams. Features as stated before such as a DDoS attack which can take down even the heftiest of server centers ("Gameover Zeus," n.d.). A DDoS attack is an attack that uses a botnet of thousands of computers to all simultaneously access a website at one time causing the server to overload. This causes a server to divert all processing down to the kernel level bypassing the read/write credential verification on the OS level since the kernel is typically what authenticates a user (“HTTP Flood,” n.d.). Cryptolocker on the other hand disrupts integrity in a different way. Cryptolocker encrypts all of your data on your hard drive rendering the system completely useless unless you have a backup stored somewhere, which most people don’t ("International Takedown,” n.d.).
The availability of a systems infected with this malicious code can be affected too in the same way as before. With Gameover ZeuS using the botnet to perform a DDoS attack and take down a server. If a server goes down it could be down for days or even week while security specialist comb through the system to see what was compromised, and what happened. The instance with Sony’s online gaming service left the network down for seven days only to tell the public that 77 million users that their information was compromised (Anthony, 2011). Then you have Cryptolocker that encrypts all of your data unless you pay a fee which in itself is a hindrance to the availability of a system.
In light of how aggressive these pieces of code can be there have been efforts by a multitude of government agencies around the world to counter the impact of them. It was known as “Operation Tovar” and consisted of United Kingdom’s National Crime Agency, FBI, Europol, Global Law Enforcement, and others in the private sector. Instead of going after each individual bot these agencies set out to tackle servers that were under the influence of Gameover ZeuS to stop the spread of the software. Vulnerability detection scans and frequent updates from Microsoft were highly encouraged. Advice was given by on how to better protect yourself. They said to block email attachments containing .exe, .zip and .scr, use vulnerability mitigation software to detect exploits, and lastly install antivirus software while keeping it up to date (Bradley, 2014). In conclusion we have covered the types of malicious software Gameover ZeuS and Cryptolocker are what they can do to a computer system. We have also covered what type of attacks they can pose to a system. Attacks covered are ones such as a confidentiality breach, system integrity, and the issue with availability to a network. Lastly the types of prevention and mitigation were covered along with simple yet helpful advice to help a user keep their system well protected.

Anthony, S. (2011, April 27). How the PlayStation Network was Hacked | ExtremeTech. Retrieved February 13, 2015, from
Bradley, T. (2014, June 2). How to protect yourself against Gameover Zeus and other botnets. Retrieved February 13, 2015, from
Gameover Zeus & Cryptolocker « The Shadowserver Foundation. (2014, June 8). Retrieved February 13, 2015, from
HTTP Flood. (n.d.). Retrieved February 13, 2015, from
Herman, L. (2014, June 11). Botnet, GameOver ZeuS, Disrupted & Ringleader Charged - Seculert Blog on Breach Detection. Retrieved February 13, 2015, from
International Takedown Wounds Gameover Zeus Cybercrime Network. (2014, June 2). Retrieved February 13, 2015, from
Rouse, M. (2007, May 1). Phishing. Retrieved February 13, 2015, from
Rouse, M. (2012, February 1). Botnet (zombie army). Retrieved February 13, 2015, from

Similar Documents

Free Essay


...Cryptolocker Ransomware: A Ransom no more! Christopher S Ebingersmith University of Maryland University College June 24, 2015 Introduction Cryptolocker Ransomware is part of a larger number of malware campaigns infecting large numbers of computer systems. This new variant of ransomware is more egregious in nature as it not only holds the system hostage as other types of ransomware, but through the course of infection a great number files, when found, are encrypted by this malware. The primary vector of infection is through the use of phishing email attempts to entice unwitting users to click on malicious attachments. Once the system is infected Cryptolocker hides, slowly beginning to affect the availability of files on the affected system communicating back to the “attackers’ command and control (C2) server to deposit the asymmetric key out of the victim’s reach.” (Alert, 2013) Cryptolocker, which only seems to affect Windows based targets, first popped up on security radars in September of 2013, “and these early versions were distributed via social engineering and spam emails that try to entice business professionals into opening an attached Zip file.” (Kostadinov, 2014) The zip files were thinly disguised as a 20kb file with some file names between 13 and 17 characters that mimicked “the look of legitimate businesses and through phony FedEx and UPS tracking notices.”(Alert, 2013) Spamming was the primary method utilized to infect potential hosts; this really......

Words: 833 - Pages: 4

Free Essay


...COMPUTER CRIMES A Case Study submitted in partial fulfilment of the requirements for the completion of the course in CIS401M: IT ETHICS AND LEADERSHIP Term 3, Academic Year 2014-2015 by LORETO V. SIBAYAN PAUL MATTHEW G. AVILA Master of Science in Information Technology College of Computer Studies April 2014 TABLE OF CONTENTS ABSTRACT 5 CHAPTER 1 1.0 INTRODUCTION 6 CHAPTER 2 2.0 OVERVIEW OF LITERATURE 8 2.1 CYBERCRIME 9 2.2 THEORIES OF CRIME 2.2.1 CRIMINOLOGICAL THEORIES 10 2.2.2 PSYCHOLOGICAL THEORIES 12 2.3 TYPES OF CRIME 14 2.3 CAUSES CYBERCRIME 19 2.4 CYBERCRIME PREVENTION 22 CHAPTER 3 3.0 ANALYSIS CYBERCRIME CASES 26 SUMMARY OF CYBERCRIME CASES 38 CONCLUSION AND RECOMMENDATION 43 REFERENCES 44 ABSTRACT The 21st century has brought about certain influences in the lives of everyone including the way we do business transactions, the way we gain education and the way we communicate; these influences are mostly revolutionized through the use of modern day technology and though these technologies have been proven to be beneficial to the entire society, it also carries with it aspects that can be worrying for everyone. Certain professionals in the said field use their expertise to illegally develop ways on how to take advantage of others with of course the use of technology hence......

Words: 7997 - Pages: 32