Back in early June Microsoft announced it had taken down the GameOver Zeus botnet, in an effort to protect customers. But, thwarting the internet bad guys is much more difficult in practice than it is in theory. Now security researches claim the phoenix is rising from its ashes.
The folks at Arbor Networks, a security research firm, have been keeping regular tabs, and have noted a sudden and very rapid growth. The rise is actually due to a new variant that seems to be spreading quickly, but has become most prevalent in the US.
The firm tracked the variant, known as "newGOZ", through the final two weeks of July. In the short period between July 14th and 25th the firm saw a rise from 127 victims to an astonishing 8,494. However the final check, on July 29th, actually showed a nice drop-off of 27 per cent, which should be encouraging for all.
But before you get too excited about that reprieve, Arbor points out "as with all sinkhole data, many variables can affect the accuracy of victims such as network topology (NAT and DHCP), timing, and other security researchers. However, we feel that the data provides a good estimation of the current scope of this new threat".
Not a single continent, excepting Antarctica, was safe from the infestation, though North America, especially the US, ranked quite a bit higher than other victims. In fact the US accounted for 44 per cent of the victims, followed by India at 22 per cent. The UK finished third in this race nobody wishes to run, coming in at 10 per cent.
The researchers conclude with several questions regarding this new threat - will the perpetrators continue using this attack? If so, will it continue to grow? Will those behind it return to the original P2P version, which had a higher infection rate?