Gameover Zeus and Cryptolocker: how to protect yourself

More than 24 hours after people were told they have just two weeks to protect themselves against an online security threat known as Gameover Zeus, the government website that provides internet safety advice remains offline.

Police in the US and Europe said on Monday that they had disrupted two major online crime sprees that are thought to have netted hundreds of millions of dollars since they began in 2011. Two pieces of malicious software, or malware, known as Gameover Zeus and an associated viral scam known as Cryptolocker were taken offline.

Within hours of the announcements, the UK government's GetSafeOnline website had collapsed under the weight of traffic, and it has yet to provide a stable service. After the site went down, administrators tweeted that they were working to restore the service.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

But a day later, the website is still offline.

In the absence of the official site, the government service has issued further advice via its Twitter account. Tips to web users concerned about their online safety include:

Further advice can be found at cert.gov.uk.

What are Gameover Zeus and Cryptolocker?

Gameover Zeus is a form of malware that uses "spear-fishing" or fake emails to infect target computers with a virus. Once infected, hackers are able to "hijack computer sessions and steal confidential and personal financial information" to funnel money overseas, according to US Attorney for the Western District of Pennsylvania, David Hickton.

The Cryptolocker virus works slightly differently, ABC news reports. When Gameover Zeus cannot locate any financial information on a computer, some strains of the malware will install Cryptolocker – a "ransomware" program that locks a user's machine until a fee is paid, according to the BBC.

The FBI said that it believes Gameover Zeus could be responsible for "financial losses in the hundreds of millions of dollars".

What is being done?

American and European authorities say they have now cracked both threats, with simultaneous raids on servers all around the world, the BBC reports.

"The scale of this operation is unprecedented," said Steve Rawlinson from Tagadab, a web hosting company involved in the raid. "This is the first time we've seen a co-ordinated, international approach of this magnitude, demonstrating how seriously the FBI takes this current threat".

The operation has involved police taking control of a number of servers to prevent criminals from distributing the Gameover Zeus malware. But police warned that there would only be a two-week window of security after which hijackers may move their operations elsewhere.

What should I do?

The UK-based GetSafeOnline, a government-backed organisation has published a list recommendations for users to secure their computers. "This warning is not intended to cause you panic," the organisation said on its website, "but we cannot over-stress the importance of taking these steps immediately".

Security tips from GetSafeOnline

• Install security software from GetSafeOnline's Facebook and Google+ profiles. The free tools will scan your computer to see if you are infected with Gameover Zeus and CryptoLocker, and remove them if necessary.
• Never open attachments unless you are totally confident they are authentic.
• Keep your internet security software up to date.
• Update your Windows operating system with all new Microsoft updates
• Back up your personal files regularly, including photos, documents, music, contacts and notes.
• Never store your passwords on your computer so they cannot be accessed by malware programs

How well have the authorities reacted?

GetSafeOnline has been criticised for the performance of its website, which collapsed under the weight of people trying to access the site. "For many hours it was inaccessible," write BBC technology correspondent Rory Cellan-Jones. "A massive siren had been set off, people were running in all directions, but nobody was telling them where they should be heading."