A new malware threat has emerged this last week for computers. This malware (also known as ransomware) has been dicovered by the NCA (the UK National Crime Agency).
Cyber criminals are constantly devising new types of malware to commit financial theft, fraud, identity theft and other crimes against ordinary people. The proceeds of their crime are also used to fund further organised crime. This latest threat is particularly insidious as it uses two different types of malware to infect your computer in order to commit these crimes:
1. A virus known as Gameover Zeus, GOZeus, or P2PZeus
This is a type of aggressive malware which infects your computer so that it can effectively be ‘taken over’ by the criminals. It can be used for a number of different criminal activities such as viewing your files, monitoring your bank accounts, sending emails in your name and even using your webcam to physically spy on you.
2. Ransomware known as CryptoLocker
CryptoLocker is a virus which criminals use to prevent you opening any files – effectively locking down your PC – before issuing you with a ransom demand. If you pay the ransom, there is no guarantee that it will be unlocked. Once your computer is locked, it is effectively rendered useless as you cannot access your email, files, photos, music or bookmarks.
How computers get infected
You probably receive many emails claiming to be from your or another bank, a government body or other official source, urging you to check your account, claim a refund or other action. Many of these arephishing emails containing links to bogus websites, or attachments which you are told to open, which actually contain malware hidden in what is known as a Trojan. In this case, the criminals have also stolen or hacked email lists and can make it make it appear as if these arespam emails coming from a friend's email account.
In this particular attack, the act of opening the attachment in such an email automatically ‘tells’ the Trojan to download the Gameover Zeus and CryptoLocker from a server normally located abroad, of which there are thousands which exist purely for criminal purposes.
How does the attack work?
If Gameover Zeus cannot ‘find’ enough on your computer to make a profit for the criminals, CryptoLocker will take over, effectively lock down your machine and demand a ransom.
What you need to do NOW
Your internet service provider (ISP) may have sent you a letter or email warning you about this threat. They will know that your computer is infected because the NCA – working with other law enforcement bodies around the world – has taken over thousands of the criminal servers and examined the records. You must follow the advice on this page straight away. Even then, if your computer has been locked down by CryptoLocker, it is too late.
Remember that making sure that updating your operating system and software are good habits to get into so you should be doing this on a regular basis.
What we can do for you!
Our experts can run a scan and check for any infections that may currently be there. Also we offer a full virus removal service for any computer known to be infected:
Full virus removal £40
Full Computer Healthcheck (includes virus removal) £50
If you feel you may be infected click here to contact us.