The Computer Emergency Response Teams (CERTs) in the US and UK have issued a warning about the Zeus malware variant called Gameover, amid an operation to disrupt the criminals behind the scam.
The Finnish security firm F-Secure estimates there are probably tens of thousands of Gameover botnets in existence. V3 has been reporting on Gameover since at least 2010.
The UK’s Get Safe Online group has also warned about the threat, saying that people only have a short time to protect their systems.
It said that the UK’s National Crime Agency (NCA) has taken control of the botnet communication system, and is likely to have it in its grasp for two weeks. During that time people are urged to check for and if necessary rid themselves of the malware.
“The National Crime Agency (NCA) and Get Safe Online are today urging the public and small businesses to protect themselves against a powerful type of malicious software that has hit the UK and could cost computer users millions of pounds,” it said.
Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit, added: “Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals. By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them.”
The US Cert has issued its warning to users of a range of Windows operating systems, including Microsoft Windows 95 through to Windows 8, and Windows Server 2003 to 2012.
Cert said that it was compelled to release a warning now, explaining that Gameover Zeus, or GOZ, is a peer-to-peer banking login thief. The alert has the backing of the United States Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and the Department of Justice (DoJ).
“GOZ, which is often propagated through spam and phishing messages, is primarily used by cybercriminals to harvest banking information, such as login credentials, from a victim’s computer. Infected systems can also be used to engage in other malicious activities, such as sending spam or participating in distributed denial-of-service (DDoS) attacks,” it explains.
“A system infected with GOZ may be employed to send spam, participate in DDoS attacks, and harvest users’ credentials for online services, including banking services.”
Cert recommends a number of actions to prevent Gameover infections, including ensuring antivirus software and anti malware tools are kept up to date, using secure passwords and regularly patching systems.
2 June 2014 | 2:27 pm – Source: v3.co.uk