An international operation led by the U.S. put to an end a crime ring that had infected many hundreds of thousands of PCs across the globe with a malicious software that is used to steal banking information and to extort the owner of the computer, said the U.S. Justice Department Monday.
Authorities in close to one dozen countries worked together with security companies to wrestle control of the malicious network that infected computers known by the moniker Gameover Zeus, its master software.
Court documents on Monday were released and said that up to 1 million machines across the globe had been infected with this malicious software, which had been derived from the original trojan Zeus for stealing the passwords to financial institutions that first emerged in 2006.
As well as stealing from online accounts for consumers and businesses, the crew of Gameover Zeus installed other programs of a malicious nature, including one known as Cryptolocker that was able to encrypt files and to demand payments to have them released.
The software by itself infected over 234,000 machines and was able to win in total ransom payments over $27 million, said the U.S. Department of Justice.
These two programs brought in together over $100 million said court documents presented by prosecutors including more than $198,000 in wire transfers that were unauthorized from a materials company in Pennsylvania and $750 in ransom form a Massachusetts police department whose files for all its investigations had been encrypted.
The schemes said authorities were both immensely lucrative and highly sophisticated. The criminals did not make it easy for the investigators to find them or disrupt their action.
A civil lawsuit in the state of Pennsylvania helped federal authorities to get the court orders needed to seize parts of the network that had been infected. On May 7, authorities in the Ukraine seized and then copied the command servers in Donetsk and Kiev from Gameover Zeus.
U.S. authorities as well as other agents worked from Friday through the entire weekend to seize servers across the globe freeing almost 300,000 computers from the botnet thus far.
A complaint in criminal court unsealed on Monday accused Evgeniy Mikhaylovich Bogachev as well as other of taking part in the conspiracy.