GameOver Zeus, or GOZ, initially spread via a malicious spam and phishing campaign that sent out e-mails appearing to come from reputable organizations such as the Federal Reserve Bank, the Federal Deposit Insurance Corporation (FDIC) and the National Automated Clearing House Association (NACHA).
A link in these e-mails, if clicked upon, would open a fraudulent website where the GOZ malware would then be downloaded and run on the system, subsequently opening the infected computer for financial information and login credentials to be obtained.
Key Differences of GameOver Zeus vs. ZeuS
A key distinction between GameOver Zeus and the original ZeuS variants is that GOZ featured the additional capability to initiate denial-of-service (DoS) attacks via botnets as a form of subterfuge. A second difference is that the GameOver Zeus malware employed a P2P architecture for the operation of the malware, making it more difficult for authorities to track and shut down the cybercriminals activities.
Authorities were able to put an end to both GameOver Zeus and the CryptoLocker ransomware in mid-2014 following a multi-continent collaboration between law enforcement agencies, particularly the European Cybercrime Center (EC3), and security researchers to identify and shut down the GOZ botnet servers and infrastructure.
This effort followed two unsuccessful attempts in 2012 to disrupt and put an end to the GameOver Zeus infrastructure.
Also see The Difference Between a Virus, Worm and Trojan Horse in the Did You Know? section of Webopedia.