Gameover Zeus.
The action related to a strain of malware - meaning malicious software.
Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate - such as a bank - when in fact it is designed to trick a person into downloading malicious software.
Once installed on a victim's machine, Gameover Zeus will search specifically for files containing financial information.
If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker - a ransomware program that locks a person's machine until a fee is paid.
The FBI said Gameover Zeus could be responsible for "financial losses in the hundreds of millions of dollars".
Global action
In what has been described as the biggest ever operation of its kind, servers all over the world were raided simultaneously by the authorities.
"The scale of this operation is unprecedented," said Steve Rawlinson from Tagadab, a web hosting company involved in the takedown effort.
"This is the first time we've seen a co-ordinated, international approach of this magnitude, demonstrating how seriously the FBI takes this current threat."
The action meant the authorities could direct what are known as Command and Control (C&C) servers - the machines that control the operation of the botnet.
With the C&C servers under police control, criminals should temporarily be unable to manage the computers they hijacked - but only until they are able to set up new C&C servers elsewhere.
All computer users are being urged to make sure that the malware has not infected their machines.
"This warning is not intended to cause you panic but we cannot over-stress the importance of taking these steps immediately," said UK-based Get Safe Online, a government-backed organisation that has published a list of software it recommends for the task.
"This is because the UK's NCA has taken temporary control of the communications used to connect with infected computers, but expects only a very limited window of opportunity to ensure you are protected."
Technical problems caused some users to become unable to access the Get Safe Online website on Monday afternoon.
A spokesman said: "We have been overwhelmed by the interest of those trying to take action to protect themselves by visiting our page.
"We are sorry about this and are working very hard to make the page available as quickly as possible. In the meantime, the advice can be accessed via our Facebook and Google+ pages."
More detailed information on the threat was published by the US Computer Emergency Readiness Team (Cert).
'Quarantined computers'
Following a slew of high-profile hack attacks in recent weeks - including eBay, Spotify and shoe retailer Office - security expert Rik Ferguson raised concerns that computer users might be suffering from "notification fatigue".
However, he stressed that this operation was more targeted, and should not be ignored.
"I think one of the things that is really critical with this operation is that if people are infected, it's going to be completely invisible to them," the Trend Micro security researcher said.
The FBI said cooperation with Russian authorities had been "productive".
"One of the strengths of this operation is not only that it involved organisations around the world, but that it involved the ISPs as well.
"The ISPs will go out and proactively notify any of their customers who are infected."
He suggested that machines known to be infected by serious malware should be placed in a quarantined environment until the threat was removed.
"Making it uncomfortable, if not impossible, to use the internet is one of the most effective ways to do that," he said.
Hi-tech crime terms
- Bot - one of the individual computers in a botnet; bots are also called drones or zombies
- Botnet - a network of hijacked home computers, typically controlled by a criminal gang
- Malware - an abbreviation for malicious software, i.e. a virus, Trojan or worm that infects a PC
- Ransomware - like malware, but once in control it demands a fee to unlock a PC
This also applies to your mobile phone if you use it online or to access your PC at home or at your office or business.
- Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available in case you are no longer able to access them on your computer
- Never store passwords on your computer in case they are accessed by Gameover Zeus or another aggressive malware program
- Be wary of clicking on links in an email, as this may send you to a hacker or spoof site.
- Once installed, the malware also collects your social media information, scanning for material that helps it infiltrate; this could include security information you have stored on your social site.