The FBI issued a warning late last week about ‘Gameover,’ a variant of the Zeus malware that can steal usernames and passwords. The malware is being propagated through spam e-mails purporting to come from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank and the Federal Deposit Insurance Corporation (FDIC).
According to the FBI, victims receive a phishing e-mail describing a problem with their bank account. Enclosed in each e-mail is a link that will allegedly solve the problem, yet once clicked, brings users to a website where the Gameover malware is downloaded. From there the malware “promptly infects your computer” and in turn, steals your banking information.
Unlike the normal Zeus variants however, Gameover then initiates a distributed denial-of-service (DDoS) attack via botnet. This simultaneously upsets the bank’s fraud detection system and distracts the bank’s attention from the attack at hand.
While Zeus has always focused its targets on banks, their customers, online payment systems and the like, the crimeware kit has seen a surge of popularity over the last year following the leak of its source code and its further adaptation to Android phones and Facebook.