Alert: New Botnet Thunders Into View For Windows Users

GameOver Zeus, a member of the Zeus family of malware, has been discovered and disrupted by the Department of Homeland Security, Federal Bureau of Investigation, and Department of Justice. But this is only a temporary respite from the danger the malware poses – in two weeks, the threat will be back, and very much alive.

Zeus, originally identified in 2011, is a group of malware that attempts to steal banking credentials from unsuspecting citizens. This particular Zeus malware is a peer-to-peer variant, meaning that infected computers communicate directly with one another to spread and to turn more computers into bots, or rather, “zombies.” According to the official statement from the United States Computer Emergency Readiness Team, GameOver Zeus “uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control.”

In other words, this botnet can take control of your computer and use it to create others just like it – a horde of zombie-like parasites that can send spam, steal sensitive information and credentials, and participate in distributed denial-of-service (DDoS) attacks, which can prevent intended users from receiving the service they expect. It spreads by tricking users into clicking on malicious emails or websites, which infects their computers.

Because this botnet uses peer-to-peer technology and communications, it is able to use its infected network to distribute data to others. What’s even worse is that this network turns encryption to a sinister purpose – to stay hidden from view. This also contributes to how difficult it is to eliminate, as there is no central point of failure that could bring the whole network down.

How To Prevent Your Own GameOver Catastrophe
While it is difficult to stop outright, there are ways you can prepare for the oncoming horde of zombie-bots. Here are three pointers to keep yourself safe from infection:

  • Subscribe to the AnchorSix Managed Internet Security Essentials. AnchorSix provides many layers of defense for our customers: signature-based virus scanning on the perimeter of your network, web filtering to prevent users from getting to sites that are known to propagate viruses, spam and virus scanning on all email, and our state-of-the-art firewall protection for eliminating all unwanted traffic. These solutions, along with managed backup and restoration services, will protect your business from the evils of the Internet.
  • Change your passwords, and change them often. There is a chance that your passwords have been compromised during the infection, so it is best to change your passwords as soon as possible. Overall, changing your passwords often is a good practice, and should be done every quarter or so – you know, just for good measure.
  • Make sure your operating system and application software are up-to-date. Nothing screams vulnerability more than running an unpatched operating system or using applications that aren’t updated.

For more updates on the latest security threats, contact AnchorSix at 801.225.3800. We’ll make sure that you are always aware of the dangers that loom on the horizon, and even better, we’ll arm you with everything your business needs to combat the web-based apocalypse!