THE BLOG

It's Not Quite 'Game Over' for GOZeus and CryptoLocker - But You Can Stay Protected

18/06/2014 13:51 BST | Updated 18/08/2014 10:59 BST

The names GameOver Zeus and ransomware CryptoLocker may be familiar to you due to recent stories in the news. Although the terms may seem alien, the issue is very real and has the ability to affect each and every one of us.

In a nutshell, GameOver Zeus' aim is to steal financial information. And, if it doesn't get enough valuable data it will resort to CryptoLocker, which in turns looks to lock people's computers and hold them at ransom - resulting in great financial gains for cybercriminals.

The global cybercrime duo, whose aim is to cause serious financial losses, has left many people in a panic. Banking Trojans and ransomware such as these are not uncommon, but the difference in this case is that the police managed to stop the botnet in its tracks, at least temporarily. By doing so, they have the uncommon advantage of being able to warn people and give them some breathing space to try to protect and clean up their systems before the cybercriminals put in place new servers to regain control of the malware.

The police's estimated period of rest is almost up. The cybercriminals are predicted to take back control of the malware very soon - but are you prepared? If you haven't yet fully protected your computer, please see below my advice on how to do this simply and quickly:

• Make sure your computers, tablets and mobile phones have up-to-date security software;

• If you don't currently have any security software installed, you can download it from our online store;

• Take a backup of all important documents and files - this is vital as CyptoLocker will encrypt all your files and you will be unable to retrieve them;

• Don't click on any suspicious or unknown links or attachments.

However, in this 'breathing space' cybercriminals haven't been resting. On the one hand, they may well be looking for new servers to reignite GOZeus and CryptoLocker. But some have also been creating copycat malware, this time targeting mobiles.

For example, there's a new mobile Trojan called Svpeng which combines the functionality of financial malware with ransomware capabilities (see blog on Securelist). This Trojan, which has been around for some time, has previously focused on victims in Russia. But this latest version targets mainly US victims (although people in the UK, Switzerland, Germany, India and Russia have also been affected). This is the first time that the cybercriminals behind this well-known money-stealing Trojan have turned their attention to other markets and today more than 91 per cent of attacks using this Trojan target English-language users. As with mobile malware generally, this malware targets Android devices, and tries to extort money from its victims by blocking access to the device and demanding money to unblock it. It's evident that cybercriminals now see mobiles as an attractive target and are employing techniques that have already proven to be lucrative when implemented on PCs and laptops.

The trouble is, people are much less aware of the threat to mobile devices. Smartphone ownership in the UK is currently at 59 per cent, with one in three households owning tablets and yet device protection is a subject that constantly flies under the radar. Yet the quantity of mobile malware is increasing at an alarming rate. In just the first quarter of 2014, we saw half the number of mobile malware samples (100,000) that we'd seen since during the period 2004-13. If this trend continues, this means the quantity of mobile malware will increase by 100 per cent by the end of the year.

So it seems that it's not only your PC and laptop you need to think about protecting. I've also pulled together some simple tips on how to help you protect your smartphone:

• Don't 'jailbreak' or 'root' your device;

• Use a PIN or (even better) a long passcode;

• Don't install apps from untrusted sources;

• Avoid public Wi-Fi for confidential transactions;

• Don't store sensitive data on the device and make sure you backup important data.

Sometimes it takes scares such as this for people to realise that they too are at risk of being targeted by cybercriminals. So why not keep yourself prepared at all times - prevention is better than cure!