Two weeks to save your computer from major cyber attack.

Uploaded on 2014-06-27 in TECHNOLOGY--Hackers


Computer users have under two weeks to save themselves from a cyber attack blamed for millions of pounds of fraud across the world.
The National Crime Agency teamed up with the FBI and other cybercrime experts to take down a criminal network’s ‘command-and-control’ – but admit they cannot keep it down for long.
More than 15,500 British computers have already been invaded. Many more, running on Windows, remain under threat from ‘botnets’, which can steal money from accounts without users’ knowledge.
In the US alone, gangs are thought to have taken $500million in fraudulent transactions in 2013.
It is not just bank details being targeted; webcams can be used to spy on you, and criminals may also seek to gain money through holding photographs, email accounts or information to ransom.
The gangs are thought to be based in Russia or Eastern Europe, using malware such as Gameover Zeus, GOZeus, or P2PZeus, and ransomware CryptoLocker. The FBI last night described the alleged ringleader, Evgeniy Bogachev, as one of the most active cyber criminals in the world and issued a ‘most wanted’ poster to seek his arrest.
The criminal network was discovered in 2011, and seizing it temporarily in Operation Tovar is said to have been ‘extremely costly’.
The NCA urged people to tighten their software security. It said its warning was not intended to cause panic but added: ‘We cannot over-stress the importance of taking these steps immediately.’
Steve Rawlinson, whose company Tagadab helped target the network said the criminals could get around the take-down in as little as a week. ‘The scale of this operation is unprecedented,’ he added.
Related Links:
http://metro.co.uk/2014/06/02/two-weeks-to-save-your-computer-from-major-cyber-attack-4747797/

http://www.independent.co.uk/life-style/gadgets-and-tech/news/gameover-zeus-computer-users-given-twoweek-warning-over-virus-threat-9474878.html

Russian wanted over cybercrime botnet

The US has charged a Russian man with being behind a major cybercrime operation that affected individuals and businesses worldwide.
Evgeniy Bogachev, said to be known as "lucky12345" and "slavik", is accused of being involved in attacks on more than a million computers.
The charges came as authorities seized control of a botnet used to steal personal and financial data.
Computer users were urged to run checks to protect themselves from the threat.
In a press conference held on Monday, the US Department of Justice said it believed Mr. Bogachev was last known to be residing in Anapa, Russia.
Cooperation with Russian authorities had been "productive", a spokesman added.
In an entry added to the FBI's Cyber Most Wanted list, it stated: "He is known to enjoy boating and may travel to locations along the Black Sea in his boat."
His charges, filed in a court in Pittsburgh, included conspiracy, wire, bank and computer fraud, and money laundering.
The UK's National Crime Agency (NCA) said people probably had "two weeks" before the criminals would get the botnet functioning again, and posted advice on how to best protect computers.
Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. The first notices were sent out on Monday, the BBC understands.

Advice from Get Safe Online
            *Install internet security software from companies listed on Get Safe Online's Facebook and Google+ profiles to download a free tool to scan for Gameover Zeus and CryptoLocker, and remove them from your computer
            *Do not open attachments in emails unless you are 100% certain that they are authentic
            *Make sure your internet security software is up-to-date and switched on at all times
            *Make sure your Windows operating system has the latest Microsoft updates applied
            *Make sure your software programs have the latest manufacturers' updates applied
            *Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available in case you are no longer able to access them on your computer
            *Never store passwords on your computer in case they are accessed by Gameover Zeus or another aggressive malware program
------------------------------------------------------------------------------------------
The action related to a strain of malware - meaning malicious software - known as Gameover Zeus.
Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate - such as a bank - when it fact it is designed to trick a person into downloading malicious software.
Once installed on a victim's machine, Gameover Zeus will search specifically for files containing financial information.
If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker - a ransomware program that locks a person's machine until a fee is paid.
----------------------------------------------------------------------------------------
Hi-tech crime terms
            Bot - one of the individual computers in a botnet; bots are also called drones or zombies
            Botnet - a network of hijacked home computers, typically controlled by a criminal gang
            Malware - an abbreviation for malicious software i.e. a virus, Trojan or worm that infects a PC
            Ransomware - like malware, but once in control it demands a fee to unlock a PC

Related Link:
    
    http://www.bbc.co.uk/news/technology-27668260

 

 

« Exposing Cybersecurity Cracks: A Global Perspective
Massive eBay Hack – 145m Users Affected »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Samsung Knox

Samsung Knox

Samsung Knox brings multi-layered defence-grade security to your business’s smartphones and tablets.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

Cyber Security Audit Corp (C3SA)

Cyber Security Audit Corp (C3SA)

C3SA specializes in architecting, operating, managing and improving defensible and resilient IT infrastructures for Canada's public and private sectors.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

Strategic Cyber Ventures (SCV)

Strategic Cyber Ventures (SCV)

SCV grow cybersecurity companies that disrupt advanced cyber adversaries and revolutionize the cyber product marketplace.

Cube 5

Cube 5

The Cube 5 incubator, located at the Horst Görtz Institute for IT Security (HGI), supports IT security startups and people interested in starting a business in IT security.

Meterian

Meterian

The Meterian Platform is a fuss-free solution to protect you against vulnerabilities in your app’s software supply chain.

SEMNet

SEMNet

SEMNet is an IT solutions provider and an infrastructure and security consulting firm.

Tromzo

Tromzo

Tromzo's mission is to eliminate the friction between developers and security so you can scale your application security program.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

Eventus Security

Eventus Security

Eventus, are a team of highly skilled professionals who are committed to deliver excellence in next generation cyber security services and customized solutions for your enterprise.

Gutsy

Gutsy

Gutsy uses process mining to help organizations visualize and analyze their complex security processes to understand how they actually run, based on observable event data.

Klarytee

Klarytee

Protect your data wherever it goes. Klarytee is a SaaS platform that builds security into sensitive content to enable granular control in AI, public cloud and SaaS.

Staley Technologies

Staley Technologies

Staley Technologies is a US nationwide structured cabling, technology integrator, and Managed IT & Cyber Security provider.

OpenZiti

OpenZiti

OpenZiti is the world’s most used and widely integrated open source secure networking platform. OpenZiti provides both zero trust security and overlay networking as pure open source software.

Cyro Cyber

Cyro Cyber

Cyro Cyber is a collective of some of the UK’s most experienced and savvy cybersecurity, information assurance, data protection, IT governance and compliance experts.