A possible attempt to revive the Gameover Zeus botnet

Researchers with Malcovery have identified a new piece of malware based closely on the Gameover variant of the nefarious Zeus trojan, a threat that was heavily disrupted in a massive international operation in early June.

The trojan is being delivered in spam emails claiming to be from banks, including M&T Bank and National Westminster Bank, according to a Thursday post. Each email comes attached with a ZIP file, and each ZIP file contains the same malicious SCR file.

Compared to the original Gameover Zeus trojan, this malware contains a new Domain Generation Algorithm list, as well as a new fast flux hosted command-and-control strategy, according to the post.

“Malcovery was able to identify a number of the command-and-control hosts believed to be involved in this attempt to revive the Gameover botnet,” the researchers noted.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.