You have probably heard by now that you have less than 2 weeks to protect your computers from a potential Doomsday Scenario, and if not, you will once you have read this. Before I go any further I should mention there is some good news and also some bad news. The good news is that if your computer is not using Windows as its operating system then you are OK, provided you are not running Windows via a virtual machine. The bad news is that if your computer uses Windows as its operating system you could be in trouble.
So far, between €75 million and €250 million is estimated to have been stolen worldwide, with 500,000 to one million machines infected. Thankfully, the FBI, working with other agencies, seized servers around the world last weekend and freed 300,000 computers from the infection. This is only a temporary stopgap, which is why you have less than 2 weeks to update your system.
Gameover Zeus is malware which can take over your PC without you knowing. It gives the cyber criminals behind it the ability to access everything you do, to record your keystrokes, to video what you do on screen and to turn on your webcam. It is designed to search for and identify any financial information that you have stored on your computer, as well as capturing any usernames, passwords and data that are entered into online banking, email, social media or shopping sites. When they have this information, they use it to redirect bank transfers into their own bank accounts.
If the Gameover Zeus malware doesn’t find any financial information on your PC, then the cyber criminals have designed a failsafe where ransomware known as CryptoLocker is installed. CryptoLocker acts like the Garda Virus which I mentioned in my second blog post. It encrypts your computer’s hard drive and demands that you pay a ransom if you want to regain the use of your computer.
Since September last year, when it was first discovered, CryptoLocker has infected around 250,000 computers worldwide, and in its first 2 months it took €20 million.
You are probably wondering how your computer can get infected. This happens after you open ‘phishing’ emails, which are designed to look as though they come from legitimate sources like your bank or even your family and friends. A phishing email is one that either has an attachment or encourages you to click a link to a website. Once you have clicked the link or downloaded the attachment you could be in trouble. The link you clicked can either download a file to your computer or take you to an authentic-looking website, like your online banking or PayPal, where you are asked to change your password.
To ensure your computer is protected please do the following:
Make sure that you have the latest version of Windows and that it has the latest patches installed.
If your computer has antivirus software on it make sure it is up to date.
If your computer doesn’t have any antivirus software then install some ASAP.
Free antivirus software that you can install includes AVG and Microsoft Security Essentials.
Be careful with any attachments that you may get in an email.
Avoid email attachments that are executable files (.exe) or ZIP files containing executable files such as SCR and EXE.
Always back up all your files on a regular basis by using an external hard disk or online cloud storage like Dropbox.
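The attachment advice above can also be enforced automatically before a message reaches the inbox. The following is an added example, not part of the original post: it parses a raw email, flags .exe and .scr attachments, and looks inside ZIP attachments for the same file types. The function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions the post warns about; extend the tuple for local policy.
RISKY_EXTENSIONS = (".exe", ".scr")

def is_risky_name(name):
    """True if a file name ends in a risky extension (case-insensitive)."""
    # Windows ignores trailing dots and spaces, so strip them first.
    return name.lower().rstrip(". ").endswith(RISKY_EXTENSIONS)

def risky_attachments(raw_message):
    """Return sorted findings; archives that cannot be read count as risky."""
    findings = []
    msg = message_from_bytes(raw_message, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if is_risky_name(name):
            findings.append(name)
        elif name.lower().endswith(".zip"):
            payload = part.get_payload(decode=True) or b""
            try:
                with zipfile.ZipFile(io.BytesIO(payload)) as archive:
                    members = archive.namelist()
            except zipfile.BadZipFile:
                findings.append(name + " (unreadable archive)")
                continue
            findings += [name + "!" + m for m in members if is_risky_name(m)]
    return sorted(findings)

def build_sample():
    """Constructed sample message; every payload is harmless placeholder text."""
    msg = EmailMessage()
    msg.set_content("See attached.")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("statement.pdf.scr", b"placeholder")
        archive.writestr("readme.txt", b"placeholder")
    for data, sub, fname in ((buf.getvalue(), "zip", "statement.zip"),
                             (b"placeholder", "octet-stream", "Invoice.EXE"),
                             (b"placeholder", "pdf", "notes.pdf")):
        msg.add_attachment(data, maintype="application", subtype=sub,
                           filename=fname)
    return msg.as_bytes()

if __name__ == "__main__":
    print(risky_attachments(build_sample()))
```

A file named like `statement.pdf.scr` is caught because only the final extension decides how Windows treats it.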
If you are not sure if your computer is already infected by Gameover Zeus or CryptoLocker, then ask yourself the following 5 questions.
Is your computer slow and not very responsive?
Is your mouse/trackpad moving without you controlling it?
Are there unauthorised logins to your bank accounts and have unauthorised bank transfers taken place?
Have text-based chat windows appeared randomly on your desktop?
Are you locked out of your computer and you are asked to pay a ransom to unlock it?
If you answered yes to any or all of the 5 questions, your computer is infected.
If your computer is infected with Gameover Zeus then download one of the following programs which will help you get rid of it.
F-Secure online scanner works with Windows Vista, 7 and 8.
F-Secure downloadable scanner works with Windows XP.
Heimdal works with Microsoft Windows XP, Vista, 7, 8 and 8.1.
McAfee works with Windows XP SP2, Server 2003 SP2, Vista SP1, 2008, 7 and 8.
Microsoft works with Windows 8.1, Windows 8, Windows 7, Windows Vista, and Windows XP.
Sophos works with Windows XP (SP2) and above.
Symantec works with Windows XP, Windows Vista and Windows 7.
Trend Micro works with Windows XP, Windows Vista, Windows 7, Windows 8/8.1, Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2.
Once you have got rid of the malware, you have to change all your passwords as they will have been compromised. To get rid of ransomware please read my next post.
As long as your computer is using the latest version of Windows with the latest patches and antivirus software, you should not be facing any more doomsday scenarios soon.