Two weeks to save your computer from major cyber attack.

Uploaded on 2014-06-27 in TECHNOLOGY--Hackers


Computer users have under two weeks to save themselves from a cyber attack blamed for millions of pounds of fraud across the world.
The National Crime Agency teamed up with the FBI and other cybercrime experts to take down a criminal network’s ‘command-and-control’ – but admit they cannot keep it down for long.
More than 15,500 British computers have already been invaded. Many more, running on Windows, remain under threat from ‘botnets’, which can steal money from accounts without users’ knowledge.
In the US alone, gangs are thought to have taken $500million in fraudulent transactions in 2013.
It is not just bank details being targeted; webcams can be used to spy on you, and criminals may also seek to gain money through holding photographs, email accounts or information to ransom.
The gangs are thought to be based in Russia or Eastern Europe, using malware such as Gameover Zeus, GOZeus, or P2PZeus, and ransomware CryptoLocker. The FBI last night described the alleged ringleader, Evgeniy Bogachev, as one of the most active cyber criminals in the world and issued a ‘most wanted’ poster to seek his arrest.
The criminal network was discovered in 2011, and seizing it temporarily in Operation Tovar is said to have been ‘extremely costly’.
The NCA urged people to tighten their software security. It said its warning was not intended to cause panic but added: ‘We cannot over-stress the importance of taking these steps immediately.’
Steve Rawlinson, whose company Tagadab helped target the network said the criminals could get around the take-down in as little as a week. ‘The scale of this operation is unprecedented,’ he added.
Related Links:
http://metro.co.uk/2014/06/02/two-weeks-to-save-your-computer-from-major-cyber-attack-4747797/

http://www.independent.co.uk/life-style/gadgets-and-tech/news/gameover-zeus-computer-users-given-twoweek-warning-over-virus-threat-9474878.html

Russian wanted over cybercrime botnet

The US has charged a Russian man with being behind a major cybercrime operation that affected individuals and businesses worldwide.
Evgeniy Bogachev, said to be known as "lucky12345" and "slavik", is accused of being involved in attacks on more than a million computers.
The charges came as authorities seized control of a botnet used to steal personal and financial data.
Computer users were urged to run checks to protect themselves from the threat.
In a press conference held on Monday, the US Department of Justice said it believed Mr. Bogachev was last known to be residing in Anapa, Russia.
Cooperation with Russian authorities had been "productive", a spokesman added.
In an entry added to the FBI's Cyber Most Wanted list, it stated: "He is known to enjoy boating and may travel to locations along the Black Sea in his boat."
His charges, filed in a court in Pittsburgh, included conspiracy, wire, bank and computer fraud, and money laundering.
The UK's National Crime Agency (NCA) said people probably had "two weeks" before the criminals would get the botnet functioning again, and posted advice on how to best protect computers.
Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. The first notices were sent out on Monday, the BBC understands.

Advice from Get Safe Online
            *Install internet security software from companies listed on Get Safe Online's Facebook and Google+ profiles to download a free tool to scan for Gameover Zeus and CryptoLocker, and remove them from your computer
            *Do not open attachments in emails unless you are 100% certain that they are authentic
            *Make sure your internet security software is up-to-date and switched on at all times
            *Make sure your Windows operating system has the latest Microsoft updates applied
            *Make sure your software programs have the latest manufacturers' updates applied
            *Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available in case you are no longer able to access them on your computer
            *Never store passwords on your computer in case they are accessed by Gameover Zeus or another aggressive malware program
------------------------------------------------------------------------------------------
The action related to a strain of malware - meaning malicious software - known as Gameover Zeus.
Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate - such as a bank - when it fact it is designed to trick a person into downloading malicious software.
Once installed on a victim's machine, Gameover Zeus will search specifically for files containing financial information.
If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker - a ransomware program that locks a person's machine until a fee is paid.
----------------------------------------------------------------------------------------
Hi-tech crime terms
            Bot - one of the individual computers in a botnet; bots are also called drones or zombies
            Botnet - a network of hijacked home computers, typically controlled by a criminal gang
            Malware - an abbreviation for malicious software i.e. a virus, Trojan or worm that infects a PC
            Ransomware - like malware, but once in control it demands a fee to unlock a PC

Related Link:
    
    http://www.bbc.co.uk/news/technology-27668260

 

 

« Exposing Cybersecurity Cracks: A Global Perspective
Massive eBay Hack – 145m Users Affected »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Digital Forensics Inc (DFI)

Digital Forensics Inc (DFI)

Digital Forensics Inc. is a nationally recognized High Technology Forensic Investigations and Information System Security firm

Cleo

Cleo

Cleo is a leader in secure information integration, enabling both ease and excellence in business data movement and orchestration.

CQS (Certified Quality Systems)

CQS (Certified Quality Systems)

CQS is an organisation specialising in ISO assessment and certification, including ISO 27001, along with other management system standards.

Cybercom Group

Cybercom Group

Cybercom offers strategic advice, testing & quality assurance, security solutions, system development, integration, management and operation services.

Open Systems International (OSI)

Open Systems International (OSI)

Our innovative Operations Technology (OT) solutions are highly scalable and can be deployed by various utility companies to monitor, control and optimize their real-time operations.

SentryBay

SentryBay

SentryBay is a real-time data security company developing technology for PC, mobile, the cloud and IoT.

CSIRT-IE

CSIRT-IE

CSIRT-IE is the body within the NCSC that provides assistance to constituents in responding to cyber security incidents at a national level for Ireland.

OffSec

OffSec

OffSec have defined the standard of excellence in penetration testing training. Elite security instructors teach our intense training scenarios and exceptional course material.

Cyberport

Cyberport

Cyberport is focused on facilitating the growth of major technology trends such as FinTech and cybersecurity as well as the emerging technologies of AI, big data and blockchain.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

Blackbird.AI

Blackbird.AI

Blackbird.AI provides an intelligence and early-warning system to help users detect disinformation and take action against threats.

Privacyware

Privacyware

Privacyware's ThreatSentry combines a state-of-the-art Web Application Firewall and port-level firewall with advanced behavioral filtering to block unwanted IIS traffic and web application threats.

Towerwall

Towerwall

Towerwall offers a comprehensive suite of security services and solutions using best-of-breed tools and information security services.

Terra Quantum

Terra Quantum

Terra Quantum is a deep tech pioneer, developing revolutionary quantum applications to shape the technology of the future.

SecureChain AI

SecureChain AI

SecureChain are combining blockchain and AI technology to create a smarter blockchain platform especially in terms of security.

ThreatFabric

ThreatFabric

ThreatFabric integrates industry-leading threat intel, behavioral analytics, advanced device fingerprinting and over 10.000 adaptive fraud indicators.