P2P 'Gameover ZeuS' seen as largest bank-theft botnet

25.07.2012

"The P2P ZeuS crew digitally signs the configurations and binaries to prevent attackers from pushing arbitrary versions of these files," the report says. "In addition, some of the P2P control messages (e.g., those that set up the HTTP proxy nodes) are signed to prevent poisoning."
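The signing scheme the report describes is the same pattern as any signed update or control channel: a receiver pins one public key and accepts a configuration or control message only if it carries a valid signature from that key, so anyone without the private key cannot push a replacement. The Go program below is an added example written for this article; it is not code from the report, from Network World or from the malware. The Ed25519 keys, the message type byte and the proxy addresses (RFC 5737 documentation ranges) are all constructed for the demo, and the receiver check is what a defender would recognise from signed software updates.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// ErrBadSignature is returned when a message does not carry a valid
// signature from the pinned key.
var ErrBadSignature = errors.New("signature verification failed")

// Signed wraps a message type, its payload and an Ed25519 signature
// that covers both.
type Signed struct {
	Type    byte
	Payload []byte
	Sig     []byte
}

// MsgConfig is a constructed message type used only by this demo.
const MsgConfig byte = 0x01

// signingInput binds the type byte and a length prefix to the payload so
// the signature covers the whole message, not just its body.
func signingInput(msgType byte, payload []byte) []byte {
	buf := make([]byte, 1+4+len(payload))
	buf[0] = msgType
	binary.BigEndian.PutUint32(buf[1:5], uint32(len(payload)))
	copy(buf[5:], payload)
	return buf
}

// Sign produces a signed message with the sender's private key.
func Sign(priv ed25519.PrivateKey, msgType byte, payload []byte) Signed {
	return Signed{
		Type:    msgType,
		Payload: payload,
		Sig:     ed25519.Sign(priv, signingInput(msgType, payload)),
	}
}

// Accept is the receiver-side check: the payload is trusted only if the
// signature verifies under the single pinned public key.
func Accept(pinned ed25519.PublicKey, m Signed) ([]byte, error) {
	if len(m.Sig) != ed25519.SignatureSize ||
		!ed25519.Verify(pinned, signingInput(m.Type, m.Payload), m.Sig) {
		return nil, ErrBadSignature
	}
	return m.Payload, nil
}

// DemoResults reports the outcome of the three scenarios a receiver
// must distinguish.
type DemoResults struct {
	GenuineAccepted  bool // signed by the pinned key, untouched
	TamperedRejected bool // payload edited after signing
	ImpostorRejected bool // signed with a key that is not pinned
}

// RunDemo generates throwaway keys and a constructed configuration
// payload, then exercises Accept against all three cases.
func RunDemo() (DemoResults, error) {
	ownerPub, ownerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return DemoResults{}, err
	}
	_, impostorPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return DemoResults{}, err
	}

	cfg := []byte("proxy=198.51.100.7:443") // constructed sample payload

	var r DemoResults

	genuine := Sign(ownerPriv, MsgConfig, cfg)
	_, err = Accept(ownerPub, genuine)
	r.GenuineAccepted = err == nil

	// Same signature, edited payload: the signature no longer matches.
	tampered := genuine
	tampered.Payload = []byte("proxy=203.0.113.9:443")
	_, err = Accept(ownerPub, tampered)
	r.TamperedRejected = errors.Is(err, ErrBadSignature)

	// A valid signature from the wrong key is just as useless.
	forged := Sign(impostorPriv, MsgConfig, tampered.Payload)
	_, err = Accept(ownerPub, forged)
	r.ImpostorRejected = errors.Is(err, ErrBadSignature)

	return r, nil
}

func main() {
	r, err := RunDemo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", r)
}
```

The length prefix and type byte in the signed input are there so a signature made over one message type cannot be replayed as another; the two rejected cases are exactly what an outside party trying to inject a replacement configuration would produce without the private key.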

The P2P ZeuS botnet has infected hundreds of thousands of PCs in 226 countries, with the U.S., Germany and Italy the hardest hit, according to the report. The botnet steals by accessing bank accounts and making unauthorized large Automated Clearinghouse (ACH) and wire transfers to what are called "money mules," who work as accomplices.

The P2P design of Gameover ZeuS is going to make taking it down very hard, says Stone-Gross. That's become evident with what was hoped to be a successful , which researchers worked together to poison, but now shows clear signs of returning. Stone-Gross also notes was able to effect a take-down of more commonplace ZeuS and SpyEye servers for financial crime in March because the .

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: emessmer@nww.com.
