The Lifecycle of Peer-to-Peer (Gameover) ZeuS

The Dell SecureWorks Counter Threat Unit™ (CTU) research team continues to monitor the latest advancements in the ZeuS banking Trojan horse malware family. One of the most significant developments since the leak of the ZeuS source code in May 2011 has been the introduction of a private peer-to-peer (P2P) version, first identified in October 2011. This version removes the centralized command and control (C2) infrastructure previously required to push configuration files and updates and to collect information harvested from infected computers. Over the past year, CTU researchers have tracked the tools, techniques, and modus operandi of the attackers behind the P2P version of ZeuS, and have gained a comprehensive view into the thriving underground economy.


67 Percent of Critical Infrastructure Providers Were Breached Last Year

Still, only 28 percent say security is one of their organization's top five strategic priorities.

A recent survey of 599 security executives at utility, oil and gas, energy and manufacturing companies in 13 countries has found that 67 percent have experienced at least one security breach in the past 12 months that led to the loss of confidential information or the disruption of operations.
