UAE ranks third in GameOver ZeUS hitlist

Symantec reveals tens of thousands of machines in the Emirates infected by financial malware

Tags: AccessData Group LLC (www.accessdata.com)Cyber crimeSymantec CorporationUnited Arab Emirates
  • E-Mail
UAE ranks third in GameOver ZeUS hitlist
By  Stephen McBride Published  June 4, 2014

The UAE ranks third in a list of countries most affected by the GOZ (GameOver ZeuS) botnet, according to statistics released by Symantec Corp.

Symantec shared the breakdown of the top six nations hit by the financially motivated botnet following an FBI shutdown of the network earlier this week. Symantec and Australian Federal Police were both reportedly instrumental in the operation, but the shutdown was said to be temporary and users were warned they had two weeks to protect their computers before the GOZ command-and-control system would be restored.

The UAE accounted for 8% of reported GOZ infections worldwide. If Symantec's figures are accurate this would translate to between 40,000 and 80,000 infections in the Emirates, based on FBI estimates of 500,000 to 1m global incursions of the malware. Other countries in Symantec's top six are the US (13% of reported infections), Italy (12%), Japan (7%), UK (7%) and India (5%).

GameOver ZeUS infects by stealth and monitors a target machine for finance-related information. It is also able to take control of private online transactions and divert funds into criminals' accounts.

"What is not well known is that these attacks were widespread for a long time and caused a big scare in the financial services industry," said Lucas Zaichkowsky, enterprise defence architect at AccessData, in a report shared today with ITP.net.

"According to several inside sources I have spoken with, a significant number of banks were hit by these attacks. Thanks to the continual flow of information shared among peer groups, such as Information Sharing and Analysis Centres (ISACs), participating organisations knew what signs to look for to avoid losses from these types of attacks."

Continues on next page>>

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code