United States officials, along with international cybercrime authorities, seized control of an estimated 500,000 to 1 million machines infected with the malicious software "Gameover Zeus," which stole account credentials and extorted money from its owners by demanding ransom.
U.S. Assistant Attorney General Leslie Caldwell of the Justice Department's Criminal Division announced on Monday the filing of charges against Evgeniy Mikhailovich Bogachev for his involvement on the attack, Reuters reported.
Gameover Zeus, which stemmed from "Zeus" - the original malicious software that stole financial passwords starting in 2006 - accounted for many other malicious programs including Cryptolocker, which infected more than 234,000 machines and earned $27 million in ransom payments.
Together, Gameover Zeus and Cryptolocker raked in more than $100 million for gangs based in Russia, after thousands of victims, including international banks, were scammed.
Brett Stone-Gross, a Dell expert who assisted the FBI, said that they took control of the Gameover Zeus robot network or "botnet," so they would only connect to the FBI infrastructure. So far, 300,000 computer victims were cleared from the botnet after the weekend operation.
Evgeniy Mikhaylovich Bogachev and others received a criminal complaint in Nebraska for allegedly creating the malicious software, including Zeus, and using several aliases to conceal their identities. The original Zeus Trojan infected more than 13 million computers and resulted in a loss of hundreds of millions of dollars.
Deputy Attorney General James Cole reached out to Russia and is reportedly in talks to have Bogachev extradited to the United States.
This doesn't seem to be the end of Gameover Zeus. Other botnets resurfaced after criminals took partial control of their networks. Users might have only a two week window to clean their computers, according to officials at the United Kingdom's National Crime Agency. The U.S. Department of Homeland Security set up a website to help users remove the malware.