Operation Tovar
This article may be in need of reorganization to comply with Wikipedia's layout guidelines. (January 2017) |
Operation Tovar | |
---|---|
Operation Name | Operation Tovar |
Roster | |
Executed by | Gameover ZeuS botnet |
Method | undisclosed |
Timeline | |
Date begin | Before June 2014 |
Results | |
Arrests | 2+ |
Accounting |
Operation Tovar was an international collaborative operation carried out by law enforcement agencies from multiple countries against the Gameover ZeuS botnet, which was believed by the investigators to have been used in bank fraud and the distribution of the CryptoLocker ransomware.[1]
In early June 2014, the U.S. Department of Justice announced that Operation Tovar had temporarily succeeded in cutting communication between Gameover ZeuS and its
The criminals attempted to send a copy of their database to a safe location, but it was intercepted by agencies already in control of part of the network.
Results
Russian
Restitution and victims
In August 2014 security firms involved in the shutdown, Fox-IT and
Analysis of data that became available after the network was taken down indicated that about 1.3% of those infected had paid the ransom; many had been able to recover files that had been backed up, and others are believed to have lost huge amounts of data. Nonetheless, the gang was believed to have extorted about
Participating law enforcement agencies
- Europol
- European Cybercrime Centre (EC3);
- United States
- Department of Justice(DOJ)
- Federal Bureau of Investigation (FBI)
- U.S. Department of Defense[3](DOD)
- U.K. National Crime Agency(NCA)
- South Africa - South African Police Service.
- Australia - Australian Federal Police (AFP)
- Netherlands -
- Dutch National Police
- National Criminal Investigation Service
- Germany - Bundeskriminalamt (BKA)
- Police Judiciaire
- Italy - Polizia Postale e delle Comunicazioni
- Japan - National Police Agency
- Police Grand Ducale
- New Zealand - New Zealand Police
- Canada - Royal Canadian Mounted Police
- Ukraine
Law enforcement worked together with a number of security companies and academic researchers,
See also
- Cutwail botnet
- Conficker
- Command and control (malware)
- Gameover ZeuS
- Timeline of computer viruses and worms
- Tiny Banker Trojan
- Torpig
- Zeus (malware)
- Zombie (computer science)
References
- ^ a b Storm, Darlene (June 2, 2014). "Wham bam: Global Operation Tovar whacks CryptoLocker ransomware & GameOver Zeus botnet". Computerworld. Archived from the original on March 13, 2023. Retrieved March 23, 2023.
- ^ a b c Brian, Krebs (2 June 2014). "'Operation Tovar' Targets 'Gameover' ZeuS Botnet, CryptoLocker Scourge". Krebs on Security. Archived from the original on 4 June 2014. Retrieved 4 June 2014.
- ^ a b c "U.S. Leads Multi-National Action Against "Gameover Zeus" Botnet and "Cryptolocker" Ransomware, Charges Botnet Administrator" (Press release). U.S. Department of Justice. 2 June 2014. Archived from the original on 3 September 2014. Retrieved 22 November 2020.
- ^ a b "Cryptolocker victims to get files back for free". BBC News. 6 August 2014. Archived from the original on 13 January 2020. Retrieved 21 June 2018.
- ^ Osborne, Charlie (6 June 2014). "FireEye, Fox-IT launch free service to combat Cryptolocker ransomware". ZDNET. Archived from the original on 3 July 2022. Retrieved 23 March 2023.
- ^ Wilhoit, Kyle; Dawda, Uttang. "Your Locker of Information for CryptoLocker Decryption". FireEye. Archived from the original on 8 August 2014.
- ^ Dunn, John E. (2 June 2014). "Operation Tovar disconnects Gameover Zeus and CryptoLocker malware - but only for two weeks". TechWorld. Archived from the original on 6 June 2014. Retrieved 4 June 2014.