Is your computer ALREADY infected with dangerous Gameover Zeus software? Virus could be lying dormant in thousands of American computers writes Daily Mail Reporter
- Up to one million computers worldwide have been infected by ‘Gameover Zeus’
- The software can lie dormant on computers before draining accounts
- Thousands of American computers may be infected with the malware, which is extremely sophisticated and can evade anti-virus software
- An international police effort has halted the spread of the botnet, giving computer users two weeks to install anti-virus before the virus hits again
A RUSSIAN gang of alleged cyber criminals are thought to be responsible for a potentially devastating computer virus already thought to have emptied bank accounts of nearly £60m worldwide. reports Greg Heffer and Jane Wharton on express.co.uk
Yesterday, the National Crime Agency warned computer users they have just two weeks to protect themselves from the GameOver Zeus, or GOZeuS, and CryptoLocker viruses that threaten to cost the nation millions of pounds.
More than 15,000 people in the UK are already thought to have been infected with dangerous malware.
Law enforcement agencies from around the world have been successful in temporarily disabling the software, thought to be the most powerful ever malicious device uncovered in the internet.
The FBI have revealed they are chasing Evgeniy Bogachev, who is alleged to be the leader of a Russian-based group responsive for the development and operation of GOZeuS and CryptoLocker.
GOZeuS hides within email attachments that when open give computer access to hackers, who use the software to scan devices for valuable information including bank details.
The online tool can then re-direct money to accounts overseas controlled by criminals.
It is thought over $100m (£60m) has been raked in by the potent botnet – a collection of internet-connected programmes communicating with each other.
CryptoLocker is a secondary threat that activates if no valuable data is found, and this malware locks the computer, demanding a ransom to grant access again.
Britons have been urged to check their anti-virus software is up to date and run scans to ensure all applications are running correctly.
Important files such as photos and videos should also be backed up in case computers are locked by CryptoLocker.
A statement on the site’s Facebook page read: “An email seeming to come from someone you know may have actually been sent by malware from an infected computer. Be SO careful what you open.”
The threat applies to Windows operating systems only but not to Windows mobile phones.
The organisation also warned: “If you are running Windows on a virtual machine, this could have been infected.
“The scan/removal tools quoted will work when you have your virtual machine running, even if it is on an Apple Mac computer.
Tony Neate, chief executive of Get Safe Online, today apologised for the site’s outage.
He told online media news site The Drum: “Although we took advance action to increase our website capacity before the announcement was made, there has been an unprecedented demand for the information.
“It’s really encouraging that people are taking their online safety seriously and we are sorry that the advice hasn’t been accessible via the website.
“We’re working really hard fix this as quickly as possible but, in the meantime, the advice can be accessed via our Facebook and Google+ pages as well as on CERT.gov.uk.”
Whether you find online security complicated or confusing, or simply haven’t thought about keeping your personal or office computers safe for a while, now is the time to take action.
Andy Archibald, Deputy Director of the NCA’s National Cyber Crime Unit
Lamar Bailey, director of security research and development at software company Tripwire, said: “The design of these malware packages make it nearly impossible to completely wipe out, but a coordinated attack can cause damage.
“While these organisations are attacking the command and control severs, countries are rolling out a massive consumer education programme to help clean up infected systems and reduce the number of vulnerable systems available for infection.
“The plan is to attack the parasite hard for two weeks while removing as many viable hosts as possible at the same time so that propagation targets will be limited after the attacks subside.
“This will not eliminate the malware but could in theory make it much harder for the operators to use and could cause massive financial loss for them.”
The web has been the victim of several serious security breaches in recent months, with the effects of the Heartbleed bug still being felt.
The bug took advantage of a flaw in the OpenSSL software that is designed to encrypt and protect data as it is exchanged online. Several websites, including parental advice site Mumsnet, were hacked as a result of the flaw.
Andy Archibald, Deputy Director of the NCA’s National Cyber Crime Unit, said: “Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals.
“By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them.
“Whether you find online security complicated or confusing, or simply haven’t thought about keeping your personal or office computers safe for a while, now is the time to take action.
“Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails.”
“Those committing cyber crime impacting the UK are often highly-skilled and operating from abroad. To respond to this threat, the NCA is working closely with law enforcement colleagues all over the world, and developing important relationships with the private sector.”