[1] In early June 2014, the U.S. Department of Justice announced that Operation Tovar had temporarily succeeded in cutting communication between Gameover ZeuS and its command-and-control servers.
[1][2][3] The criminals attempted to send a copy of their database to a safe location, but it was intercepted by agencies already in control of part of the network.
Russian Evgeniy Bogachev, aka "lucky12345" and "Slavik", was charged by the US FBI for being the ringleader of the gang behind Gameover Zeus and Cryptolocker.
In August 2014 security firms involved in the shutdown, Fox-IT and FireEye, created a portal, called Decrypt Cryptolocker, which allows any of the 500,000 victims to find the key to unlock their files.
[4] Law enforcement worked together with a number of security companies and academic researchers,[2][7] including Dell SecureWorks, Deloitte Cyber Risk Services, Microsoft Corporation, Abuse.ch, Afilias, F-Secure, Level 3 Communications, McAfee, Neustar, Shadowserver, Anubisnetworks, Symantec, Heimdal Security, Sophos and Trend Micro, and academic researchers from Carnegie Mellon University, the Georgia Institute of Technology,[3] VU University Amsterdam and Saarland University.