An international law enforcement project to disrupt the Gameover botnet is underway.

Gameover, aka Gameover Zeus or GOZ, is currently installed on up to a million computers worldwide. The botnet is rented out for malicious purposes, including harvesting private information, sending spam email, denial of service (DoS) attacks, extortion, and distribution of various kinds of malware, including the awful CryptoLocker [1,2] ransomware.

This effort to disrupt GOZ has already been very successful: the botnet’s owners are no longer able to control clients. As for Cryptolocker, newly-infected machines can no longer communicate with their controlling servers, which means they are safe, at least for now. Infected machines that are already encrypted are not affected and must still pay the decryption ransom or lose all encrypted information.

Brian Krebs provides additional details on his Krebs on Security blog.

Update 2014Jun09: Brian Krebs has a behind-the-scenes look at what went into this takeover. To this point, the takeover seems to have been 100% effective, but the botnet developers may have more moves left.