CryptoLocker & GameOver Zeus
Advisory on Gameover Zeus and CryptoLocker
Published on Wednesday, 11 June 2014 15:30
[ Background ]
There are millions of new types of malware detected every year. The latest to be detected are Gameover Zeus and CryptoLocker, the latter of which encrypts a user’s information and demands a ransom from the user in order to decrypt the files.
On 2 June 2014, the US authorities published a media release announcing that the Gameover Zeus (GOZ) botnet had been disrupted. GOZ is a peer-to-peer (P2P) variant of the Zeus family of malware.
Separately, an investigation by the US authorities also identified the GOZ network as a common distribution network for CryptoLocker, a malware that encrypts the user’s information and demands a ransom from the user in order to decrypt the files.
[ Affected Systems ]
Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8
Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012
[ Impact ]
Systems infected by GOZ could be used to send spam and participate in distributed denial of service (DDoS) attacks. Systems infected by CryptoLocker or GOZ could lose sensitive information (e.g. usernames, passwords, banking information).
[ Solution/Workaround ]
Gameover Zeus can be detected by anti-malware solutions.
Users need to be vigilant and take the necessary cyber security precautions, such as:
Scan their computers with an updated anti-malware solution to remove Zeus and other known malware.
Change all usernames and passwords from a trusted computer. For more information on creating a strong password, users may refer to GoSafeOnline.
Keep their operating system and software up-to-date.
Back up their important files regularly.