Gameover Trojan Description
Gameover is a dangerous Trojan that is linked to a phishing scam related to the 2011 holiday season. Online shopping is at an all-time high due to the great online deals for Black Friday and the deals leading up to Christmas. ESG security researchers note that the FBI has issued a warning about fresh phishing scams taking advantage of this increased online shopping activity. Specifically, on November 25th, 2011, the FBI warned against the spread of the Gameover Trojan, a variant of the Zeus Trojan.
The Zeus Trojan is one of the most dangerous malware infections of recent years and is typically used to steal banking information and credit card numbers. Gameover is one of the many variants of this malware threat. The Gameover Trojan spreads through a fake email that claims to come from the National Automated Clearing House Association (NACHA), a legitimate organization that is not related to any of these messages. Another organization that has been spoofed by the criminals behind the Gameover Trojan phishing scam is the Electronic Payments Association (EPA), which is in charge of monitoring online payments and money transfers in the United States. The Gameover phishing email claims that a problem occurred with the victim's online transaction and that the transaction would have to be canceled. Since many computer users have shopped online for their holiday gifts, chances are that they do have an online transaction in progress, which may tempt them to take this bogus claim seriously.
The Gameover phishing email contains an embedded link that claims to take the user to the details of their transaction. However, clicking on this link actually downloads the Gameover Trojan. Once installed on the victim's computer, Gameover can steal banking account names and passwords. The Gameover Trojan also allows criminals to hijack the victim's computer and use it to carry out DDoS (Distributed Denial of Service) attacks on that particular bank's website. This allows criminals to more effectively steal the victim's money, since the bank's focus will be on the attack rather than on any abnormal transaction.
ESG security researchers strongly recommend against clicking on any of these links. Legitimate emails from EPA or NACHA will never prompt you to click on embedded links or download attached files. Basic online safety measures should be followed, and common sense should tell you that these kinds of emails are usually the work of online scam artists.