After the takedown of a major botnet, users have a “two-week window” to protect themselves against a powerful computer attack that ransoms people’s data and steals millions of dollars from unsuspecting victims.
If you read our blog, you are familiar with the dangers of the Zeus Trojan and ransomware, and how people get infected. Here’s a quick review:
1. The victim opens a carefully crafted email which is designed to look like it came from their bank or a well-known company.
2. The victim clicks on and runs an email attachment.
3. Malicious software like the one making the news now, Gameover Zeus, releases a Trojan which searches the computer for passwords and financial data.
4. Once Gameover Zeus finds what it’s seeking, cybercrooks instruct CryptoLocker, ransomware software, to hijack the computer, encrypt the files, and demand payment for it to be unlocked. To get access to your computer again, you must pay a ransom within a set amount of time.
5. Once infected, the computer becomes part of the global botnet.
The good news
Led by the FBI, agents from Europol and the UK’s National Crime Agency (NCA) brought two computer networks that used the Gameover Zeus botnet and Cryptolocker ransomware to infect up to a million computers and cost people more than $100 million under control of the good guys.
The bad news
As we explained in our blog post yesterday, GameOver Zeus May not be as Over as You Think, cybercrooks could conceivably build another botnet to replace the ones that were shut down.
Why the two-week window?
This window is based on the amount of time the FBI thinks they can ”hold the upper-ground against the cybercriminals.” Two weeks should be enough time for computer users to update their operating system software and security software and disconnect infected computers.
Steps to take now to protect your computer
GetSafeOnline.org in cooperation with the NCA has created an information page to help you protect your computer, your finances, your identity and your family against a new global online threat. The threat is targeted at random private individuals and small businesses, so it is critical that you read this page and apply the advice immediately if you have a computer running any version of the Windows operating system – including Windows running as a virtual machine on an Apple Mac, any server running Windows and Windows embedded. Take the steps on this page and below, and you will be protected.
- Install antivirus protection on your computer. More than half the UK population aren’t taking actions to keep themselves safe online. The National Cyber Security Consumer Tracker reports that 56% of Britains have inadequate internet security. What are you waiting for? avast! Free Antivirus is FREE. GET protected now
- Make sure you have updated antivirus software on your computer. The latest version of avast! Antivirus is 2014.9.0.2018. Make sure you have the current version by opening the avast! dashboard, then click Settings (the gear icon), then Update. If you are not up-to-date, please click Update.
- Back up your precious files. A back-up comes under the heading of prevention, so it’s too late if you are infected with ransomware. Along with nasty malware, computers have hardware failures, get zapped by lightning, dropped or any number of other disasters, so having a back-up of your documents, pictures, movies and music makes good sense. avast! BackUp lets you recover your memories in case of emergency.
- Keep your operating system and application software up-to-date. Run avast! Software Updater to show you an overview of all your outdated software applications. This blog post, How do I use the new Software Updater in avast 8?, will help you. You can also view a video tutorial.
- Have strong passwords, and don’t use the same passwords for everything. After back-to-back hacks like Target, Heartbleed, and eBay, this should be the first thing you do, but we understand that changing your password every time something happens is annoying. Check out our tips or use a password management system like avast! EasyPass.
- Get rid of unnecessary toolbars. Pesky toolbars get installed when you download free software. They can reset browser settings and change your default search provider. Avast! Browser Cleanup will help you rid yourself of this nuisance. Open your avast! dashboard and let it analyze your browser plugins.
- Protect yourself from spying. avast! SafeZone opens a new isolated browser which can’t be infected with spyware and isn’t susceptible to keyloggers. This makes it useful for online banking and other sensitive activities.
- Only download software—especially free software—from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).
- Don’t open attachments in unsolicited emails, even if they come from people in your contact list, and never click on a URL contained in an email, even if you think it looks safe. Instead, close out the email and go to the organization’s website directly.
Your ISP may send you a letter
UK citizens: Your Internet Service Provider (ISP) is working with the NCA, so they will be notified if your computer is infected, and in turn send you an email. Follow the advice on this page right away.
Cybercrooks will take advantage of the situation to send “phishing emails,” so check where it came from and the links you are supposed to click. If you get an email from someone claiming to be your ISP, make absolutely certain that it is genuine before opening a link. As we advised above, it’s safer to go directly to the website. Also be aware that similar emails, which appear to have been sent by a friend, family member or colleague, could be sent automatically by a computer infected with the Zeus malware and ransomware.
Report a loss
If you think you have lost money through malware such as Gameover Zeus and CryptoLocker, you should report it to Action Fraud at www.actionfraud.police.uk or by calling 0300 123 2040.
U.S. victims of Gameover Zeus can find assistance at https://www.us-cert.gov/gameoverzeus, a site created by the Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT).
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.