GameOver Zeus malware is on the loose. Losses from the botnet can be staggering… The risk is not over either. UK-based Sky News has published news about an impending attack in the next two weeks.
A Florida-based bank lost almost 7 million dollars. An insurance company in Pittsburgh had business files encrypted, with an estimated loss of $70,000. A restaurant operator had over 10,000 files encrypted, including recipe folders and franchise info. So far, the botnet has gathered $30 million in ransom payments.
US-CERT has published an alert on the GameOver Zeus malware. While the U.S. leads multi-national action against the GameOver Zeus botnet and Cryptolocker ransomware, it still pays to stay alert and look after your own security. F-Secure has been one of the companies that have provided help in this case.
GOZ malware can be used to download and install additional malware, including Cryptolocker, which alone has claimed 234,000 victims so far. It can also be used to extract banking credentials, which can lead to financial losses, as individuals and businesses are targets of illegal funds withdrawals.
While GameOver Zeus (GOZ) is under FBI control, the IP addresses of infected computers will be collected and shared with internet service providers. The service providers will and should direct customers to the removal tools.
So what should you do?
- Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses. It is important to keep your anti-virus software up-to-date.
- Change your passwords – Your original passwords may have been compromised during the infection, so you should change them.
- Keep your operating system and application software up-to-date – Install software patches so that attackers can’t take advantage of known problems or vulnerabilities. F-Secure Software Updater is an automated tool that will help you keep track of the software within your company network.
- Use anti-malware tools – Using a legitimate program that identifies and removes malware can help eliminate an infection. F-Secure Online Scanner is a free online tool that helps to get rid of viruses and spyware that may cause problems on your PC. It works even if you have other security software installed on your computer.
Traditional anti-virus might not be enough. For example, out of all Zeus crimeware infection attempts reported in April 2013, 80% involved previously unseen variants. In those cases, DeepGuard successfully prevented infection by recognizing the file’s malicious behavior and blocking the attack.