Feeds

You've got two weeks to beat off Cryptolocker, GameoverZeus nasties

So say UK cops after control servers for malware battered

Providing a secure and efficient Helpdesk

The UK’s National Crime Agency has warned people have just two weeks to protect themselves against the Cryptolocker ransomware and a strain of the ZeuS password-slurping malware – before both return from the dead.

The alert comes after the cops "disrupted" the systems remotely controlling the software nasties – which could mean anything from knocking them offline to physically seizing machines. The cyber-plod isn't saying.

The NCA worked with the FBI, Europol and other agencies to knackered the command and control (C&C) servers that were managing a major network distributing the GameoverZeuS Trojan and the infamous Cryptolocker ransomware.

NCE operatives warned that it’s only a matter of time before the miscreants behind the botnet set up new C&C servers and regain control.

The agency said the standoff “will give the UK public a unique, two-week opportunity to rid and safeguard themselves” from both GameoverZeuS and Cryptolocker. However, Rik Ferguson, veep of security research at Trend Micro, said in a blog post that folks may not even have that long.

“The ultimate goal of the law enforcement activity is to prevent infected computers from communicating with one another, significantly weakening the criminal infrastructure. While this blow is effective, it is not permanent and we expect the malicious networks to return to their former strength within weeks, if not days,” he warned.

People are being advised to install or update security software and to check that operating systems and applications are up to date. Folks should also back up important data onto unconnected storage, while businesses need to check their incident response and resilience protocols.

More than 15,000 computers in Blighty alone have been hit by the ZeuS malware, which figure includes those hit by the GameoverZeuS and P2PZeuS strains. According to the NCA, ZeuS is responsible for nicking hundreds of millions of pounds globally.

Once downloaded onto a machine, and decrypted, GameoverZeuS starts sniffing around for bank account passwords and other financially sensitive info. If it can’t find anything useful, some strains of the software will “call in” Cryptolocker, a form of ransomware that encrypts the victim's device unless they pay a ransom to have it decrypted. The going rate for the ransom is about one Bitcoin (£200 to £300) in the UK, according to the NCA.

Although ISPs have started advising their users about the threat, the NCA urged users to immediately sort out their security software.

“Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals. By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them,” said Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit.

“Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails.” ®

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.