On Dec. 30, 2016, President Barack Obama announced sanctions related to Russian state-sponsored hacking of the 2016 U.S. presidential election. An individual believed to be involved was already on the FBI’s most wanted list of cybercriminals—one Evgeniy Bogachev, leader of the GameOver Zeus botnet, which the FBI had taken down in 2014 in a long-planned but swiftly executed multinational operation. In this installment of Tech Time Warp, we’ll take a closer look at what happened with GameOver Zeus.
First detected in 2011, GameOver Zeus at its largest had grown to a network one million computers strong, with machines typically infected through fake emails, often purporting to be from the IRS. At the time of the FBI takeover (“Operation Tovar”), the botnet contained approximately 300,000 machines. An estimated $100 million had been stolen from individuals and companies of all sizes and descriptions. But the powers behind GameOver Zeus were also querying the network, in English, for terms such as “top secret” and “Department of Defense,” suggesting there might be different powers at work.
Takedown of GameOver Zeus
The FBI’s takedown of GameOver Zeus involved partnering with 10 other countries as well as private-sector experts. The operation was carefully planned to avoid tipping off Bogachev. Once the operation began, Bogachev was aware within an hour and fiercely worked to maintain control in a tense battle of keystrokes. But within five hours, the FBI and its partners had secured control of GameOver Zeus. Work began to dismantle the botnet computer by computer.
On June 2, 2014, the Justice Department announced the results of the operation and the indictment against Bogachev. A reward of up to $3 million is available for information leading to his arrest or conviction.