Wow, this is amazing! To me the most amazing part of all of this is the realization that there are so many very smart, no, brilliant, people in this world. This is a NY Times story.
"WASHINGTON — Federal agents over the weekend secretly seized control of two computer networks that hackers used to steal millions of dollars from unsuspecting victims. In doing so, the Justice Department disrupted the circulation of two of the world’s most pernicious viruses and turned a 30-year-old Russian computer hacker into a most-wanted fugitive.
The strike, coordinated with the European authorities, was aimed at malware called GameOver Zeus, which is known to steal bank information and send it to overseas hackers, and CryptoLocker, which burrows into computers and encrypts personal data. The hackers then demand a ransom to unlock the files.
“By the time the victims learned that their computers had been infected, it was far too late,” Leslie R. Caldwell, the assistant attorney general in charge of the criminal division, said Monday.
Together, the Justice Department estimates, the two malicious programs have infected between 500,000 and a million computers and cost people more than $100 million in direct and indirect losses.
Authorities had been investigating the two viruses separately, but along the way, they realized that GameOver Zeus was the main vehicle by which CryptoLocker was spread, the Justice Department said.
They also determined that the operations were run by the same man, whom the Justice Department identified as Evgeniy M. Bogachev, of Anapa, Russia. Investigators were hunting for him even before they knew his name. Inside the F.B.I., he has long been one of the government’s most sought-after individual cybercriminals, through his screen name, Lucky12345.
While both pieces of software are distributed through spam emails, they accomplish different things, each highly damaging.
Once inside a computer, GameOver Zeus quietly tracks each keystroke. When the software detects someone logging into a bank account, it records the password. Armed with that information, hackers log in and drain the account. Often they stole more than $1 million from businesses, prosecutors said, with at least one theft exceeding $6 million.
CryptoLocker spreads through emails that look like they are from legitimate businesses, including fake tracking notices from FedEx and U.P.S. Once inside a network, such as a company’s computer system, the virus can spread from one computer to the next. As it spreads, the software locks up computer files behind unbreakable encryption, then demands hundreds of dollars in exchange for the code that unlocks it.
Investigators say many people and organizations, including the police department in Swansea, Mass., have paid to recover their files. Those who refused saw their files permanently erased. Such so-called ransomware is a growing security threat.
Investigators have targeted large malicious software networks, known as botnets, before. In 2011, the F.B.I. hijacked a command-and-control server that ran the similarly harmful Coreflood network. It then sent a shutdown command to every infected computer, effectively killing the virus in one stroke.
This weekend’s takedown, which was months in the making, was far more difficult. While CryptoLocker used a command-and-control server, GameOver Zeus did not. Instead, it relied on a decentralized structure, and it did not have a simple shutdown command."