Gameover Zeus and Cryptolocker: how to protect yourself
Security advice site remains offline 24 hours after revelation of Gameover Zeus cyber threat
More than 24 hours after people were told they have just two weeks to protect themselves against an online security threat known as Gameover Zeus, the government website that provides internet safety advice remains offline.
Police in the US and Europe said on Monday that they had disrupted two major online crime sprees that are thought to have netted hundreds of millions of dollars since they began in 2011. Two pieces of malicious software, or malware, known as Gameover Zeus and an associated viral scam known as Cryptolocker were taken offline.
Within hours of the announcements, the UK government's GetSafeOnline website had collapsed under the weight of traffic, and it has yet to provide a stable service. After the site went down, administrators tweeted that they were working to restore the service.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
But a day later, the website is still offline.
In the absence of the official site, the government service has issued further advice via its Twitter account. Tips to web users concerned about their online safety include:
Further advice can be found at cert.gov.uk.
What are Gameover Zeus and Cryptolocker?
Gameover Zeus is a form of malware that uses "spear-fishing" or fake emails to infect target computers with a virus. Once infected, hackers are able to "hijack computer sessions and steal confidential and personal financial information" to funnel money overseas, according to US Attorney for the Western District of Pennsylvania, David Hickton.
The Cryptolocker virus works slightly differently, ABC news reports. When Gameover Zeus cannot locate any financial information on a computer, some strains of the malware will install Cryptolocker – a "ransomware" program that locks a user's machine until a fee is paid, according to the BBC.
The FBI said that it believes Gameover Zeus could be responsible for "financial losses in the hundreds of millions of dollars".
What is being done?
American and European authorities say they have now cracked both threats, with simultaneous raids on servers all around the world, the BBC reports.
"The scale of this operation is unprecedented," said Steve Rawlinson from Tagadab, a web hosting company involved in the raid. "This is the first time we've seen a co-ordinated, international approach of this magnitude, demonstrating how seriously the FBI takes this current threat".
The operation has involved police taking control of a number of servers to prevent criminals from distributing the Gameover Zeus malware. But police warned that there would only be a two-week window of security after which hijackers may move their operations elsewhere.
What should I do?
The UK-based GetSafeOnline, a government-backed organisation has published a list recommendations for users to secure their computers. "This warning is not intended to cause you panic," the organisation said on its website, "but we cannot over-stress the importance of taking these steps immediately".
Security tips from GetSafeOnline
- Install security software from GetSafeOnline's Facebook and Google+ profiles. The free tools will scan your computer to see if you are infected with Gameover Zeus and CryptoLocker, and remove them if necessary.
- Never open attachments unless you are totally confident they are authentic.
- Keep your internet security software up to date.
- Update your Windows operating system with all new Microsoft updates
- Back up your personal files regularly, including photos, documents, music, contacts and notes.
- Never store your passwords on your computer so they cannot be accessed by malware programs
How well have the authorities reacted?
GetSafeOnline has been criticised for the performance of its website, which collapsed under the weight of people trying to access the site. "For many hours it was inaccessible," write BBC technology correspondent Rory Cellan-Jones. "A massive siren had been set off, people were running in all directions, but nobody was telling them where they should be heading."
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
Parker Palm Springs review: decadence in the California desert
The Week Recommends This over-the-top hotel is a mid-century modern gem
By Catherine Garcia, The Week US Published
-
The real story behind the Stanford Prison Experiment
The Explainer 'Everything you think you know is wrong' about Philip Zimbardo's infamous prison simulation
By Tess Foley-Cox Published
-
Is it safe for refugees to return to Syria?
Talking Point European countries rapidly froze asylum claims after Assad's fall but Syrian refugees may have reason not to rush home
By Richard Windsor, The Week UK Published
-
How the FBI took down the world's largest zombie 'botnet'
Under the Radar The bot allegedly infected more than 19 million IP addresses across the world
By Justin Klawans, The Week US Published
-
Millions of web users targeted by Russia, intelligence agencies warn
Speed Read UK and US claim Kremlin behind hacking of millions of home and business routers
By The Week Staff Published
-
FBI locked out of 7,000 encrypted devices
Speed Read Internet security tools are ‘a huge, huge problem’ for law enforcement, says FBI director
By The Week Staff Published
-
Yahoo data breach: what you need to do
Speed Read Personal data including names, passwords and security questions of more than 500 million users stolen in 2014
By The Week Staff Last updated
-
Should you cover your webcam? Yes, says FBI
Speed Read FBI director James Comey recommends covering your laptop camera with tape
By The Week Staff Published
-
'North Korean Facebook' hacked by Scottish teen
Speed Read Social network clone StarCon deleted from internet after 18-year-old student correctly guesses admin log-on
By The Week Staff Published
-
Hackers release more stolen nude celebrity photographs
Speed Read Kim Kardashian, Avril Lavigne and Mary-Kate Olsen all targeted in second batch of private images
By The Week Staff Published
-
Nude celebrity photo leak investigated by FBI and Apple
In Depth Hacker claims responsibility for coordinating team which stole nude photos of 101 celebrities
By The Week Staff Last updated