One of the things we coverered briefly was GameOver Zeus and Crypto locker and although we covered it a couple of months it’s only become headline news in the last week.
Lets get some factors out the way:
- Its unlikely you have got it, only about 7% of PC’s have it
It can be easily removed with a number of tools before the “deadline”
Its only news as the FBI & NCA managed to trap it
Its not a uniquepiece of malware
You mainly get it from opening attachements from unsolicited emails
What are they?
There are two scares. GameOverZeus and Cryptolocker. The first is a bot net, it waits until you are doing something like on line banking or paying a bill and it connects to anothert computer and gives them your details. Cryptolocker encryptsd all your data files, even down a network, and if you dont poay a ransom the files are lost to you forever.
The FBI, the UK’s National Crime Agency and other international law enforcement agencies have worked together to disrupt the GameOver Zeus botnet and the Cryptolocker ransomware network. More information on how these work can be found at: http://www.nationalcrimeagency.gov.uk/news/news-listings/386-two-week-opportunity-for-uk-to-reduce-threat-from-powerful-computer-attack
How do I know if I have it?
According to the FBI if your computer is affected it may be displaying the following symptoms:
- Your computer system operates very slowly.
- Your cursor moves erratically with no input from you.
- You notice unauthorized logins to your bank accounts or unauthorized money transfers.
- Text-based chat windows appear on your computer’s desktop unexpectedly.
- Your computer files lock up and a ransom demand is made to unlock files.
Internet Service Providers are currently making checks, so it is possible that you may receive notification from them that you are a victim of this malware. If this is the case you will be asked to back up all your important files, photographs, videos.
If you run the normal security procedures you should be protected. We would recommend taking the following actions. Note that most of these are standard common sense behavious::
Standard precautions to prevent malwares
Ensure you have a current active version of anti-virus software and that this anti-virus software is up-to-date. Most of the established anti-virus programs are able to detect and stop the virus – so run a scan. If you are in doubt about whether your anti-virus program is able to detect this virus then we would recommend checking their website and/or contacting your supplier. In our opinion paid-for is better than free, call us and we will explain.
Change your passwords, make them strong and don’t have the same passwords for everything. If your computer has been infected, your passwords may have been compromised. So we recommend you change your passwords as a precaution.
Ensure your Windows software has the latest Security updates.
Backup your important files. Lots of places and plenty of times. Only one copy is asking for trouble.
How do I check and get rid of them?
There are several tools that will remove these but its better to use a general removal tool. The one we favour most is the Trend tool.
If you have any doubts or want personal advice then contact us by any means you favour. I am sure you will find a way!
If you have any suspicions call in you local friendly IT specialist, not a mate down the pub!