After the takedown of a major botnet, users have a “two-week window” to protect themselves against a powerful computer attack that ransoms people’s data and steals millions of dollars from unsuspecting victims.
If you read our blog, you are familiar with the dangers of the Zeus Trojan and ransomware, and how people get infected. Here’s a quick review:
1. The victim opens a carefully crafted email which is designed to look like it came from their bank or a well-known company.
2. The victim clicks on and runs an email attachment.
3. Malicious software like the one making the news now, Gameover Zeus, releases a Trojan which searches the computer for passwords and financial data.
4. Once Gameover Zeus finds what it’s seeking, cybercrooks instruct CryptoLocker, ransomware software, to hijack the computer, encrypt the files, and demand payment for it to be unlocked. To get access to your computer again, you must pay a ransom within a set amount of time.
5. Once infected, the computer becomes part of the global botnet.
The good news
Led by the FBI, agents from Europol and the UK’s National Crime Agency (NCA) brought two computer networks that used the Gameover Zeus botnet and Cryptolocker ransomware to infect up to a million computers and cost people more than $100 million under control of the good guys.
The bad news
Why the two-week window?
This window is based on the amount of time the FBI thinks they can ”hold the upper-ground against the cybercriminals.” Two weeks should be enough time for computer users to update their operating system software and security software and disconnect infected computers.
Steps to take now to protect your computer
The FBI, along with the Department of Justice, announced a multinational effort on their website that has disrupted a botnet called GameOver Zeus. GameOver Zeus has infected millions of Internet users around the world and has stolen millions of dollars.
The UK’s National Crime Agency (NCA) has worked closely with the FBI to crack down on the GameOver Zeus botnet. The NCA has given infected users a two week window to get rid of the malware and those lucky enough to have thus far been spared, the opportunity to safeguard themselves against future attacks. The two week window is an estimation on how long it will take cybercriminals to build a new botnet. The FBI has stated on their website that GameOver’s botnet is different from earlier Zeus variants in that the command and control infrastructure communicates peer-to-peer, rather than from centralized servers. This means that any infected computer can communicate controls to other infected devices. If cybercriminals build a new botnet, which will likely happen, the new botnet can resurrect dormant infected machines and continue to infect new users while stealing financial and personal information from innocent victims.
Do you really have two weeks, and what should you do?
Who knows how long it may take for a new botnet to emerge; it could appear tomorrow or in two weeks. People should not take this threat lightly and should act immediately. Read more…