Two weeks to block cyber-attack

2014 is turning out to be a busy year for security alerts.  Following the Heartbleed bug and the eBay credentials harvest, the FBI and the UK’s National Crime Agency have now alerted computer users that they have two weeks to protect themselves against a powerful attack involving two pieces of malware known as GameOver ZeuS and CryptoLocker.

What are GameOver ZeuS and CryptoLocker?

GameOver ZeuS (often known as GOZeuS) infects a computer via socially engineered phishing websites or email attachments.  The emails are cleverly crafted to appear to come from legitimate sources such as banks or HMRC.  If the user clicks on one of the attachments or links, GOZeuS silently monitors activity and tries to capture any private information, such as banking details, which is then uploaded to a server for future bank account exploits.  At this point the computer has joined a network of zombie computers called a botnet and is vulnerable to future attacks.  Mobile phones are not immune either.

The second threat comes from the CryptoLocker malware, activated if the first attack by GOZeuS is not profitable enough.  CryptoLocker will lock a user out of their files, for example photos or music, and threaten to delete them unless a ‘ransom’ is paid.  The truth here is that even if you pay, you are unlikely to recover your files.

GOZeuS has been assessed as being responsible for the fraudulent transfer of hundreds of millions of pounds globally and recent reports have suggested that more than 15,500 computers in the UK are currently infected, with many more potentially at risk.

Why the two-week warning?

The FBI has managed to identify the masterminds behind the malware attack and has successfully taken offline the servers that GOZeuS was communicating with.  However, the best security officials can do with such a sophisticated malware attack is to paralyse it.  It is estimated that the network of criminals could re-configure the zombie computers via a backdoor, re-establishing communications with different servers.  If this happens then the malware attacks may recommence.

How to protect yourself

While this two-week re-configuration gap is in place, you have the chance to clean up and protect your computer.  Steps you should take include:

  • Back up your data NOW!  In the worst case, if you have to perform a factory reset, at least you can restore your data.
  • Check your antivirus software is up to date and make sure it scans daily.
  • If you are a business, do not allow your users to have administrative rights.  This will prevent software from installing on their computers.
  • Keep your computer up to date with regular updates, especially if you are a Windows user.  Free monthly updates will protect your computer.  If the updates are regularly failing, you may have malware installed already.
  • During this uncertain period opportunistic scammers will telephone you, advising that they can recover data or remove the malware by dialling in to your computer.  Only trust known and reputable IT support providers.
  • Passwords, passwords, passwords!  Use secure passwords and make sure you use different passwords for different sites.  Change them regularly, ensuring they include a mix of lower and upper case letters as well as numbers.

If you're unsure about how to clean up your computer and want to ensure that you are protected from any malware attacks, contact a reputable IT support provider who will be happy to help keep you safeguarded.

Posted: June 4th, 2014

