GOZeuS and Cryptolocker – understand more about this malware and how to protect yourself

There are days when I wonder if our lives are really enhanced by the internet and technology. Instead of the dreams of the 70’s and 80’s where computers would give us more free time, we have ended up as slaves to the machines.

So what bought on this George Orwell moment, well it’s another MALWARE ATTACK.  I have a list of things you are advised to do below but in reality they are all just common sense.  Yet again strong passwords are encouraged.  We are all guilty of laziness in this area and it will be our downfall.

Because passwords are so important I use software to mange them as I just can’t remember everything I need to.  My software creates and stores secure 10 digit (or any length) passwords that I then use online. All I have to remember is one “master password” (super secure obviously) and my online life is far more secure.  The cost of this is just $20 a year and you get it on your computer, phone and tablet. The product is called Roboform and it will change your online life.  You can try it for free or buy it now! And no I don’t have any affiliation. It is truly superb and has lots of other benefits that I won’t bore you with here. Call me if you’d like to discuss this.

So to GOZeuS and Cryptolocker

The National Crime Agency (NCA) has issued a warning regarding two pieces of malware software known as GOZeuS and Cryptolocker. It has been discovered that this malware software is the cause of potentially one of the most dangerous malware attacks in internet history – potentially putting millions of individuals and business in the UK at risk. It is estimated that over 1 million computers worldwide are already infected with GOZeuS and Cryptolocker, of which over 15,500 are UK based, and over £60 million has already been stolen.

This software exploits vulnerabilities on your PC to install software that can capture bank details or re-direct money transfers, steal personal data from your computer and send it to a third party.

It is estimated that you have a maximum of 12 days to take steps to protect yourself. After this time the NCA anticipates the malware will have been adapted to overcome the counter measures they have in place.  Put simply for once the government bodies in several continents have worked together to shut down the controlling servers but they reckon it’s just 2 weeks before the perpetrators are able to get new servers running.  It’s a small window you can use to clean up your system.

Here is a list of action you should take now:

• Ensure your system software is up-to-date, Window, MAC, Server software, your CMS, etc.
• Make sure your internet security software (including Anti-virus, Anti-malware and firewall software) is up-to-date.
• Never open the attachments in emails sent from unknown senders.
• Take care to look out for Phishing emails. Your bank will never ask you for password info and if the email gives a link to a login page  ignore it and use your normal way of accessing your bank or other login.
• Avoid storing passwords on your computer. Never use the browsers password manager.
• Make sure you keep backups of your work in another location… Syncing data might not be enough as the data you are syncing may also stay encrypted.

If you do business online or hold confidential information on your web server/s make sure your website and visitor data is secured with an SSL certificate.

I am not an expert in this area but feel free to get in touch if you have any concerns and I will get answers for you.