As international crime agencies warn computer users that they have just two weeks to protect themselves against the latest malware, ITbuilder takes a look at GameOver Zeus and Cryptolocker ransomware and advises you what you should do now.

It’s been a bad year for computer viruses and security scares, and just as we recover from Heartbleed it seems we have another threat looming. A variation of the old password-stealing malware Zeus is back, and GameOver Zeus now uses very sneaky encryption to dodge standard firewall systems, leaving users susceptible to attack. GameOver Zeus targets passwords and financial documents, making it nasty for most computer users and especially worrying for large corporations.

Because the EXE-type file which was linked to GameOver Zeus will now be picked up by anti-virus software, the authors of the malware have begun to encrypt the file and distribute it as an ENC non-executable file. This presents your computer system with a file which seems normal and may not be picked up by your anti-virus software, making it particularly dangerous.

What is Malware?

Malware means malicious software, like a virus, which is usually downloaded voluntarily by users who think it is a legitimate file. This process is called phishing because the email usually contains seemingly innocent attachments or links such as “family photos”, “your invoice” or “PayPal information”, but once you click download, you could be unleashing a whole load of nasties onto your PC.

What is Ransomware?

Ransomware such as Cryptolocker is installed by malware such as GameOver Zeus and can encrypt all of your data, making it inaccessible to you until you have paid a fee to the criminals behind the virus. In recent days, users hit with Cryptolocker have reported various results from paying the ransom (around £300). Some have been allowed to access their documents and others haven’t. Regardless, don’t forget that a criminal organisation is behind the ransomware, so they are not necessarily going to release your data.

ITbuilder Says:

It is easy to panic when faced with such a huge security threat. None of us know whether it will in fact cause widespread damage so all we can do is prepare as best we can.

  1. Always exercise extreme caution when opening attachments from unknown or unusual senders. Common sense in place of curiosity is always the first line of defence. Your bank will never ask you for your password by email. Similarly, government agencies and financial institutions will not ask you to follow a link in an email to log in. If in doubt, don’t open it; instead, contact the company to ask if it is a legitimate message and immediately notify your IT support provider.
  2. If you have passwords stored in documents on your PC, remove them immediately and look into using a password manager. For more information on good password practice, read this.
  3. Ask your IT service provider to check that your message scanning service is working. If you do not have one, immediately arrange to have one installed for inbound and outbound messages.
  4. Use a good quality desktop antivirus/anti-malware software product such as NOD32 from ESET. Speak to our team now for more information.
  5. Always allow your anti-virus to run the necessary updates, and if you are concerned that your PC is not behaving as it should, choose a more detailed scan of your machine.
  6. Make sure your Windows operating system has the latest Microsoft updates installed to ensure the utmost security without any loopholes. Points 4-6 will be managed centrally and monitored by your IT service provider, if you have one.
  7. Employ a robust backup solution to protect your data. If all of the above fails then this is the last line of defence. Again, speak to us if you have any concerns about how well your data is being backed up.

The above steps are considered the bare minimum for adequate IT security these days. Additional layers of monitoring and scanning can also be added to your systems to further strengthen security, such as file encryption, web activity monitoring/filtering and intrusion detection systems. For more information or to chat about ways to secure your system, contact the team at ITbuilder now.