Published: 2016/4/1 7:50:31
Help the FBI catch this hacker and the $3 million is yours


Help the FBI catch this hacker and the $3 million is yours - FBI, hackers, Trojan - IT news

The FBI says this is the most difficult Trojan it has ever encountered: it controls more than 10 million computers worldwide, and the botnet they form has caused hundreds of millions of dollars in damage to the United States. The core author of this Trojan software is named "Evgeniy Mikhailovich Bogachev". The FBI has been tracking him since 2009 and identified him as the suspect in 2012, but has so far failed to catch him.

▲ $3 million reward

Back in 2009, major US antivirus vendors found through their monitoring that a Trojan called "GameOver" was spreading in the United States and around the world. It is a variant of the "Zeus" (ZeuS) Trojan and is unusually powerful: in addition to stealing private information, it can form botnets and launch large-scale denial-of-service (DDoS) attacks.

Very many users were infected at the time, and the victims included banking institutions as well as ordinary users. One bank, for example, reported that its network services were under DDoS attack, with so much traffic that normal users could not log in to the website to conduct business. The FBI's investigation found that the DDoS traffic was spread all over the world but came mainly from within the United States. Investigators followed the traffic to its source, found a computer infected with the Trojan, and by analyzing the Trojan data on that computer finally extracted a sample. According to FBI Executive Assistant Robert Anderson, "The GameOver Zeus botnet is one of the most complex Trojans the FBI has ever encountered and one of the most demanding to take down."

▲ The United States is the area hardest hit by the "GameOver" Trojan

As a variant of the "Zeus" Trojan, GameOver has not only developed immunity to the various antivirus products but is also heavily disguised in appearance to lure users into clicking. The original Trojan was usually an executable attachment ending in .EXE, which mail filters would filter out and which antivirus software could easily detect and remove. The GameOver Trojan is obfuscated at the code level, so ordinary antivirus software has difficulty recognizing it as a Trojan, and its file extension is no longer as conspicuous as .EXE; it uses an obscure extension such as .ENC to get users to lower their guard. The Trojan is also generally placed inside a compressed file, where it looks much like an ordinary user file or system file. Besides spreading via email, GameOver can also spread through websites, for example by luring users to click a download link; a user who downloads the file and then runs the executable inside it is infected.

Once the Trojan is lurking on a user's PC, the computer contacts the hacker's server on its own initiative and comes under the hacker's control. The hacker can obtain the user's passwords and personally identifiable information and even browse the user's email records. With this information the hacker can log in to online banking and transfer the money on innocent people's cards abroad, or use stolen credit card accounts to trade on the black market. In addition, a hacker who controls 1 million computers becomes the "zombie king" in charge of the whole botnet and can then launch DDoS attacks, for example to bring a bank's servers down.

On August 22, 2012, the FBI determined that the GameOver botnet was mainly controlled by a hacker called "lucky12345". Although the real identity behind the name had not yet been confirmed, a federal grand jury in Nebraska still found that "lucky12345" had violated several laws, including bank fraud and illegally stealing personal information.

Two years later, the FBI made a new discovery: the GameOver Trojan was linked to another Trojan, one that holds files for ransom. At the time, a large number of users encountered a Trojan called CRYPTOLOCKER, which automatically searches the user's computer for sensitive documents and encrypts them. If the user needs those files, the Trojan demands a random ransom amount; if the user refuses to pay, the user never sees the files again, and the files may even be deleted. Many computers in the botnet were infected with this Trojan, and it is estimated that the hackers made a profit of more than $20 million.

In 2014, the sly fox finally gave himself away. The FBI used technical means to trace lucky12345's tracks on the Internet. Besides "lucky12345", his most commonly used online names were "Slavik" and "Pollingsoon". Using undisclosed technical or non-technical means, the FBI also found out the man's real name, "Evgeniy Mikhailovich Bogachev", and dug up his personal details: born November 28, 1983, 33 years old, height 175, weight 80 kg, lives in Anapa, Russia, also owns real estate in the southern Russian city of Krasnodar, loves boating and loves to travel.

▲ Personal information exposed

In May 2014, a federal grand jury in Pennsylvania ruled that Bogachev had committed computer fraud, wire fraud, money laundering and other offenses. Ten days later, a federal grand jury in Nebraska ruled that the author of the GameOver botnet Trojan and the author of the later CRYPTOLOCKER Trojan were the same person. Bogachev was criminally convicted, and the FBI placed him on the "FBI most wanted list" and offered a $3 million reward, the highest reward amount among all cyber cases.

The FBI reminds readers around the world that, because Evgeniy Mikhailovich Bogachev has plenty of money and loves to travel, the chance of a passer-by spotting him is very high. He might even travel to China. Anyone who, while shopping in a supermarket or walking down the street, notices someone who might be this man should contact the US FBI promptly. If the FBI makes a successful arrest, the $3 million, almost 20 million RMB, is all yours.







