Evil Russian criminal sought by FBI!

 In ITC's Threat of the Week

No it isn’t Vladimir Putin, it is our old associate lucky12345 or to give him his full name Evgeniy Mikhailovich Bogachev (Mwahahaha), creator of the Zeus Botnet, which has been used to syphon over 100Meeelion dollars from bank accounts around the world.

This week the FBI placed a $3Million bounty on his head, indicative of the frustration the Feds are feeling at not getting their man.

You can review the FBI alive or dead here:
http://www.fbi.gov/wanted/cyber/evgeniy-mikhailovich-bogachev/

Other than identifying that EMB works in the IT industry (honestly, it really says that, we have checked and it isn’t for us) and likes boating, presumably to and from his private island in his DeathStar type yacht, there is little more to go on.

Why place this bounty on his head now we wonder? Is there something the Feds know that we don’t? Of course there is!

The lovely people at Sophos identified that Gameover Zeus had returned in July 2014, delivered using Spam email which directs the feeble to a fake credit card E-statement URL and then infects them with a very sophisticated Malware that uses seeded random URL Command and control (C2) servers and is hard to detect in operation.

We are betting that an even more advanced version is on the cards, possibly including advanced Cryptolocker tech, delivered yet again through a monster Spam campaign. Be warned.

Until the Feds get their man, we advise the usual:

• Keep your A/V up to date
• Identify machines without up to date A/V and bar them from accessing your network
• Crank up your email and web filtering to the max
• Implement advanced C2 discovery on your gateways
• Remove Admin privileges from your users (including local Admin)

But most importantly:

• Educate your users about opening emails
• Educate your users and friends about opening emails
• Educate your users, your friends and your family about opening emails

If you are interested in user education, identifying machines without up to date A/V, spam and web filtering or implementing advanced C2 discovery, you will be delighted to know that they all form part of our NetSure360° Managed Security Service and we would be delighted to tell you all about it.

Please contact us on: sales@itcsecure.com or call 020 7517 3900

Author: Kevin Whelan

Recent Posts

Leave a Comment

Contact ITC Secure

If you have a question, request, comment or requirement, please send us an email now and we will get back to you by return

totw