Two weeks to save your computer from major cyber attack.

Uploaded on 2014-06-27 in TECHNOLOGY--Hackers


Computer users have under two weeks to save themselves from a cyber attack blamed for millions of pounds of fraud across the world.
The National Crime Agency teamed up with the FBI and other cybercrime experts to take down a criminal network’s ‘command-and-control’ – but admit they cannot keep it down for long.
More than 15,500 British computers have already been invaded. Many more, running on Windows, remain under threat from ‘botnets’, which can steal money from accounts without users’ knowledge.
In the US alone, gangs are thought to have taken $500million in fraudulent transactions in 2013.
It is not just bank details being targeted; webcams can be used to spy on you, and criminals may also seek to gain money through holding photographs, email accounts or information to ransom.
The gangs are thought to be based in Russia or Eastern Europe, using malware such as Gameover Zeus, GOZeus, or P2PZeus, and ransomware CryptoLocker. The FBI last night described the alleged ringleader, Evgeniy Bogachev, as one of the most active cyber criminals in the world and issued a ‘most wanted’ poster to seek his arrest.
The criminal network was discovered in 2011, and seizing it temporarily in Operation Tovar is said to have been ‘extremely costly’.
The NCA urged people to tighten their software security. It said its warning was not intended to cause panic but added: ‘We cannot over-stress the importance of taking these steps immediately.’
Steve Rawlinson, whose company Tagadab helped target the network said the criminals could get around the take-down in as little as a week. ‘The scale of this operation is unprecedented,’ he added.
Related Links:
http://metro.co.uk/2014/06/02/two-weeks-to-save-your-computer-from-major-cyber-attack-4747797/

http://www.independent.co.uk/life-style/gadgets-and-tech/news/gameover-zeus-computer-users-given-twoweek-warning-over-virus-threat-9474878.html

Russian wanted over cybercrime botnet

The US has charged a Russian man with being behind a major cybercrime operation that affected individuals and businesses worldwide.
Evgeniy Bogachev, said to be known as "lucky12345" and "slavik", is accused of being involved in attacks on more than a million computers.
The charges came as authorities seized control of a botnet used to steal personal and financial data.
Computer users were urged to run checks to protect themselves from the threat.
In a press conference held on Monday, the US Department of Justice said it believed Mr. Bogachev was last known to be residing in Anapa, Russia.
Cooperation with Russian authorities had been "productive", a spokesman added.
In an entry added to the FBI's Cyber Most Wanted list, it stated: "He is known to enjoy boating and may travel to locations along the Black Sea in his boat."
His charges, filed in a court in Pittsburgh, included conspiracy, wire, bank and computer fraud, and money laundering.
The UK's National Crime Agency (NCA) said people probably had "two weeks" before the criminals would get the botnet functioning again, and posted advice on how to best protect computers.
Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. The first notices were sent out on Monday, the BBC understands.

Advice from Get Safe Online
            *Install internet security software from companies listed on Get Safe Online's Facebook and Google+ profiles to download a free tool to scan for Gameover Zeus and CryptoLocker, and remove them from your computer
            *Do not open attachments in emails unless you are 100% certain that they are authentic
            *Make sure your internet security software is up-to-date and switched on at all times
            *Make sure your Windows operating system has the latest Microsoft updates applied
            *Make sure your software programs have the latest manufacturers' updates applied
            *Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available in case you are no longer able to access them on your computer
            *Never store passwords on your computer in case they are accessed by Gameover Zeus or another aggressive malware program
------------------------------------------------------------------------------------------
The action related to a strain of malware - meaning malicious software - known as Gameover Zeus.
Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate - such as a bank - when it fact it is designed to trick a person into downloading malicious software.
Once installed on a victim's machine, Gameover Zeus will search specifically for files containing financial information.
If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker - a ransomware program that locks a person's machine until a fee is paid.
----------------------------------------------------------------------------------------
Hi-tech crime terms
            Bot - one of the individual computers in a botnet; bots are also called drones or zombies
            Botnet - a network of hijacked home computers, typically controlled by a criminal gang
            Malware - an abbreviation for malicious software i.e. a virus, Trojan or worm that infects a PC
            Ransomware - like malware, but once in control it demands a fee to unlock a PC

Related Link:
    
    http://www.bbc.co.uk/news/technology-27668260

 

 

« Exposing Cybersecurity Cracks: A Global Perspective
Massive eBay Hack – 145m Users Affected »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Centre - University of Hertfordshire

Cyber Security Centre - University of Hertfordshire

The Cyber Security Centre provides training, teaching and research in the fast paced topics of cyber security and digital forensics.

ZeroFox

ZeroFox

ZeroFox safeguards modern organizations from dynamic security risks across social, mobile, surface, deep and dark web, email and collaboration platforms.

CLUSIL

CLUSIL

CLUSIL is an association for the information security industry in Luxembourg.

Parsons

Parsons

Parsons has developed a converged security offering that combines cybersecurity, integrated network solutions, and critical infrastructure protection.

TechVets

TechVets

TechVets is a non-for-profit helping UK veterans and service leavers retrain into Cyber Security and Technology jobs.

CopSonic

CopSonic

Copsonic provide a technology solution based on ultrasonic waves to send secure and encrypted data between two devices in order to achieve authentication.

Vigilant Software

Vigilant Software

Vigilant Software develops industry-leading tools for intelligent, simplified compliance, including ISO27001-risk management and EU GDPR.

AttackIQ

AttackIQ

AttackIQ delivers continuous validation of your enterprise security program so you can strengthen your security posture and your response capabilities.

Citalid

Citalid

The Citalid cyber risk management platform combines threat and business intelligence to identify the risks scenarios you face.

Silent Quadrant

Silent Quadrant

Silent Quadrant delivers incomparable cybersecurity consulting, digital transformation, and risk management within our purpose-driven clients - empowering them to be the most resilient entities.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

Security Discovery

Security Discovery

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform.

CyberGrape

CyberGrape

CyberGrape is a client centric managed services company, providing enterprise leading security solutions and helping companies through their IT risk and security challenges.

CyberAntix

CyberAntix

CyberAntix offers Premium CyberSecurity for your business using an advanced Security Operations Centre technology and process platform reinforced by a steadfast and expert SOC team.

Bastion Security Group

Bastion Security Group

Bastion Security combines the skills, expertise and leadership from Quantum Security, ZX Security, Helix Security and Cassini.

aiComply

aiComply

aiComply's AI-driven platform offers automated intelligence for an efficient cybersecurity compliance workflow, eliminating onerous manual and time-consuming paperwork.