Security Update – GameOver Zeus and CryptoLocker Attacks

There have been many articles in the news and media recently relating to these attacks.  This security update is a quick overview regarding these attacks and includes additional information to explore the best ways to protect yourself and your business from becoming a victim. GameOver Zeus is designed to intercept transactions during banking sessions. CryptoLocker is a form of ransomeware that encrypts customers’ data rendering it inaccessible and demanding payment to decrypt.

Protecting yourself and your network:

Backup Protection
Above all, make sure your data is always backed up. Customers with our Disaster Recovery Backup Service can be assured that should they be attacked, although disruptive, information and data can be recovered.

Email attachments and weblinks
No matter how well you are protected the usual advice around opening attachments and clicking download links, still applies.  Do not open attachment or click download links unless you are expecting them and are confident of the source.

Updated virus protection
Ensure that your computers, email and gateway protection is fully up-to-date.  As well as active protection, make sure you are running regular full scans of your computers.

Password policies
Critically, use strong passwords and change them on a regular basis.

Tools and applications:

Symantec Removal Tool
This tool is designed to remove the infection of the GameOver variant of Trojan, Zbot:

EMET (The Microsoft Enhanced Mitigation Experience Toolkit)
Useful tool released by Microsoft:

 McAfee Stinger
This is not a substitute for anti-virus but is a great tool for administrators and users to scan an infected computer:

Microsoft Safety Scanner
Another useful tool released by Microsoft to run an on-demand scan:

Other useful links

National Crime Agency Website

Get Safe Online