Last month, DOJ announced that International law enforcement agencies disrupted the Game Over Botnet. However, Researchers at Sophos say the GameOver malware is back.
Researchers spotted several spam campaign and analyzed a few samples of the new version.
The new version has few modifications. One of them is removing Necurs rootkit part from the malware.
The second modification is using Domain generation algorithm(DGA) as the primary command and control mechanism instead of Peer-to-Peer protocol.
"We do not know if it is being operated by the same people that were indicted last month, or a subset of them, or indeed a different group altogether that has obtained the Gameover source code." researcher said.
Researchers spotted several spam campaign and analyzed a few samples of the new version.
The new version has few modifications. One of them is removing Necurs rootkit part from the malware.
The second modification is using Domain generation algorithm(DGA) as the primary command and control mechanism instead of Peer-to-Peer protocol.
"We do not know if it is being operated by the same people that were indicted last month, or a subset of them, or indeed a different group altogether that has obtained the Gameover source code." researcher said.