US Authorities announced today that the Gameover Zeus (GOZ), a malicious software scheme, botnet has been taken down. The action was the result of a multinational effort between government agencies, law enforcement, and private companies to shut down the massive botnet that had been used to divert a substantial amount of money to bank accounts of criminals.
Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate – such as a bank – when it fact it is designed to trick a person into downloading malicious software.
Once installed on a victim’s machine, Gameover Zeus will search specifically for files containing financial information. If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker – a ransomware program that locks a person’s machine until a fee is paid.
Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. It is understood that the first notices were sent out on Monday.
The UK’s National Crime Agency (NCA) said people probably had “two weeks” before the criminals would get the botnet functioning again.
Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit, said “By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them. Whether you find online security complicated or confusing, or simply haven’t thought about keeping your personal or office computers safe for a while, now is the time to take action.”
How to stay protected:
- Ensure that your operating system and security software are up-to-date.
- Do not open attachments in emails unless you are 100% certain that they are authentic – be especially wary of ZIP, EXE and SRC attachments
- Make sure your software programs have the latest manufacturers’ updates applied
- Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available
- Never store passwords on your computer – we recommend using a secure online password manager such as LastPass
- Use the free tools available to check if your PC is affected, we recommend Trend Micro
As a precautionary measure it is also advisable that you change your passwords, especially those associated with any important services such as internet banking.
Secure passwords contain a variety of numbers, letters and symbols, we recommend using the xk password generator service.
Your IT Works clients currently using our anti-virus and email filtering services will be protected, however, those who use external emails or users home machines may not.
If you have any concerns, questions, or need any additional advice or assistance please do not hesitate to contact us on 01908 410 261.