Global Cybersecurity Leader Fox-IT and US Security Company Crowdstrike, in Collaboration With the FBI, Demystify GameOver ZeuS and Uncover Unexpected New Facts


AMSTERDAM, The Netherlands and LAS VEGAS, Aug. 5, 2015 (GLOBE NEWSWIRE) -- Today, global cybersecurity leader Fox-IT and U.S. security company Crowdstrike, in collaboration with the FBI, presented their joint research on GameOver ZeuS at Black Hat in Las Vegas. GameOver ZeuS is considered by many to be the most successful cybercrime group to date. In a joint investigation over multiple years, the FBI, with the help of Fox-IT's InTELL team and others, has taken down a vital part of the botnet and rendered GameOver ZeuS ineffective. What we learned in these investigations has just been presented in detail for the first time during the Black Hat briefing, "GameOver ZeuS: Bad Guys and Backends."

Some of the new facts include:

  • In addition to bank robbery, credential stealing and ransomware, the GameOver ZeuS gang engaged in espionage across eastern European countries
  • The GameOver botnet sizes averaged 200,000 nodes in total
  • The gang stole 20 to 30 terabytes of data over time, as well as an estimated $100 million of banking funds
  • The GameOver ZeuS gang called themselves the "businessclub" and totaled more than 50 criminal actors
  • Evgeniy "Slavik" Bogachev was not the sole leader of this "businessclub"

Andy Chandler, SVP at Fox-IT, said, "Years of dedicated time and effort went into this investigation by our team in Delft. We are pleased to be able to share our knowledge and insights into this sophisticated criminal organization. The maturity of how they evolved could have been an example out of a Harvard business book. The businessclub, led by two (not one), made hundreds of millions of dollars. At the same time, they used their criminal talents to expand from retail banking to commercial banking and branch off to new areas like espionage and ransomware."

In an earlier statement, the assistant director at the FBI said, "The progress we made on this case and the response to reduce the infections would not be possible without those in the private sector. Calling out Dell SecureWorks, Fox-IT, and Crowdstrike were among the chief, and also our partners at DOJ. Without them, all of this would not have been possible."

The Black Hat presentation took place at Mandalay Bay GH, 1:50 p.m. PST. For more information on Fox-IT's InTELL and related issues, please email Eward Driehuis, driehuis@fox-it.com, or call +31 6 43824529.

About Fox-IT

Fox-IT, headquartered in the Netherlands, anticipates and solves the world's cybersecurity challenges, achieved through a strong focus on innovation and a tireless dedication to our clients, our values and our integrity. 


            

Coordonnées