Department of Justice attorneys today got a judge's permission to continue to intercept communications from computers infected with the Gameover Zeus virus, so they can help to clean them up.
U.S. District Judge Arthur J. Schwab granted the injunction in the civil case against the criminally indicted Russian Evgeniy Mikhailovich Bogachev, accused of being the mastermind behind Gameover Zeus and the Cryptolocker data ransom virus.
The hearing on the injunction came a day after the unsealing of the civil and criminal cases against Mr. Bogachev, of Anapa, who was described by U.S. officials as one of the most pernicious cyber criminals in the world.
Ethan Arenson, a trial attorney for the department's Computer Crimes and Intellectual Property Section, said that globally "350,000 infected computers have been liberated from the Gameover Zeus botnet," which was the network of computers that Mr. Bogachev is accused of clandestinely manipulating.
Rather than communicating with the Gameover Zeus system, the infected computers are now sending their Internet addresses to a federal government computer server.
"We have [addresses of] these computers that are infected with this malicious virus," said Mr. Arenson. "We need to get this malicious software off of these machines."
The federal government has set up a website -- www.us-cert.gov/gameoverzeus -- which includes proven tools for getting rid of the virus. The government is working with Internet service providers and computer security agencies to inform owners of all infected computers, Mr. Arenson said.
Judge Schwab told the department to submit a status report by July 11.
Mr. Bogachev is not in custody, and no one appeared at the hearing on his behalf.
Gameover Zeus caused computers to drain victims' bank accounts -- sometimes to the tune of seven figures -- into accounts controlled by the virus creator.
Cryptolocker encrypted the victims’ data and demanded ransom in the hundreds of dollars.
Authorities estimated that the two schemes netted $100 million.
Rich Lord: email@example.com or 412-263-1542. Twitter: @richelord.