GameOver Zeus: Removal, detection and how you can protect yourself

Experts are urging computer users to protect themselves against the potentially harmful malware

Internet users have two weeks to protect themselves against the GameOver Zeus and CryptoLocker viruses being used by criminal gangs to extort millions of pounds, US and UK security agencies announced on Monday.

The warning came after the FBI successfully disrupted a major cybercriminal network in the US from using the viruses to infect computers and steal data.

GameOver Zeus, also known as P2PZeuS, was designed by Russia and Ukrainian gangs to find and harness computer files that give access to banking and financial information, while Cryptolocker encrypts all files on a target’s computer and demands the user pays around £300 to unlock the file.

 Almost 250,000 computers worldwide have been infected with CryptoLocker since it emerged in April and it has so far been used to extort payments of more than $27m (£16m), according to the FBI.

Industry experts have been quick to back up the stern message from the National Crime Agency, whose advice to visit internet awareness group Get Safe Online's's website led to the site going down for 15 hours.

Below are some methods experts recommend to protect yourself from GameOver Zeus and CryptoLocker, and remove it if you suspect you computer is infected.

Protect your passwords
Unencrypted passwords should not be stored on your computer in case they are found by GameOver Zeus or another similarly aggressive malware programme, recommends Hugh Boyes, the head of the cyber security team at the Institution of Engineering and Technology's (IET).

“If there is a need to store passwords, then use a good password manager application, which backs up and shares with your smartphone or tablet computer.”

Recommended password apps include: PasswordBox, LastPass 3.0, and KeePass.

A woman uses her laptop in Istanbul. A woman uses her laptop in Istanbul.
Set up an 'administrator account'
Boyes also recommends that computer users have two separate accounts on their Mac or PC. One standard account should be for day-to-day use, while an ‘administrator’ account is used to make changes to the machine, like installing software or adding a printer.

By not using the administrator account for browsing the web or accessing emails, computer users can protect themselves from 90 per cent of malware attacks.

Update your computer programmes - especially anti-virus software
The NCA has advised that people ensure their security software is installed and updated, and that they run scans. Users should also check that their computer operating systems and applications in general are up to date.

Microsoft users can do this by using the ‘Check for Updates’ function on Windows Update, while Mac users can choose go to ‘Software Update’ on the System Preferences menu.

Beware of suspicious emails
Do not open email attachments unless you are certain they are authentic. Potentially harmful emails generally have some or all of the following characteristics according the Get Safe Online:

- You don’t know the sender.

- The message contains misspellings (for example using a zero instead of an ‘o’) designed to fool spam filters.

- It makes an offer that seems too good to be true.

- The subject line and contents do not match.

- Contains an urgent offer end date (for example “Buy now and get 50% off”).

- Contains a request to forward an email to multiple people, and may offer money for doing so.

- Contains a virus warning.

- Contains attachments, which could include .exe files.

Change your passwords
Your original passwords may have been compromised by GameOver Zeus and CryptoLocker, and could be used to harvest any important information you store or access on your computer.

Back up your files
All of your files, including photos and documents, should be regularly saved to an external piece of hardware, such as a USB stick or an external hard drive. This means it will not be lost if your computer is attacked, or if it breaks.

Remove viruses
The US Government has recommended a number of remediation tools which can be used to remove GameOver Zues.  These include: F-Secure (for Windows Vista, 7 and 8, or Windows XP), Heimdal (for Microsoft Windows XP, Vista, 7, 8 and 8.1), and Kaspersky if you fear your computer is infected.

Additional reporting by PA

Life and Style
ebookNow available in paperback
ebooks
ebookPart of The Independent’s new eBook series The Great Composers
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Ashdown Group: Front-End UI Application Developer

    £30000 - £40000 per annum + Benefits: Ashdown Group: Front-End UI Application ...

    Recruitment Genius: Digital Account Executive

    £18000 - £26000 per annum: Recruitment Genius: They work with major vehicle ma...

    Ashdown Group: C# Developer

    £30000 - £36000 per annum + Benefits: Ashdown Group: C# Developer A highly s...

    Ashdown Group: Senior Test Engineer

    £45000 - £50000 per annum + benefits: Ashdown Group: A market leading software...

    Day In a Page

    Where the spooks get their coffee fix: The busiest Starbucks in the US is also the most secretive

    The secret CIA Starbucks

    The coffee shop is deep inside the agency's forested Virginia compound
    Revealed: How the Establishment closed ranks over fallout from Loch Ness Monster 'sighting'

    How the Establishment closed ranks over fallout from Nessie 'sighting'

    The Natural History Museum's chief scientist was dismissed for declaring he had found the monster
    One million Britons using food banks, according to Trussell Trust

    One million Britons using food banks

    Huge surge in number of families dependent on emergency food aid
    Excavation at Italian cafe to fix rising damp unearths 2,500 years of history in 3,000 amazing objects

    2,500 years of history in 3,000 amazing objects

    Excavation at Italian cafe to fix rising damp unearths trove
    The Hubble Space Telescope's amazing journey, 25 years on

    The Hubble Space Telescope's amazing journey 25 years on

    The space telescope was seen as a costly flop on its first release
    Did Conservative peer Lord Ashcroft quit the House of Lords to become a non-dom?

    Did Lord Ashcroft quit the House of Lords to become a non-dom?

    A document seen by The Independent shows that a week after he resigned from the Lords he sold 350,000 shares in an American company - netting him $11.2m
    Apple's ethnic emojis are being used to make racist comments on social media

    Ethnic emojis used in racist comments

    They were intended to promote harmony, but have achieved the opposite
    Sir Kenneth Branagh interview: 'My bones are in the theatre'

    Sir Kenneth Branagh: 'My bones are in the theatre'

    The actor-turned-director’s new company will stage five plays from October – including works by Shakespeare and John Osborne
    The sloth is now the face (and furry body) of three big advertising campaigns

    The sloth is the face of three ad campaigns

    Priya Elan discovers why slow and sleepy wins the race for brands in need of a new image
    How to run a restaurant: As two newbies discovered, there's more to it than good food

    How to run a restaurant

    As two newbies discovered, there's more to it than good food
    Record Store Day: Remembering an era when buying and selling discs were labours of love

    Record Store Day: The vinyl countdown

    For Lois Pryce, working in a record shop was a dream job - until the bean counters ruined it
    Usher, Mary J Blige and Will.i.am to give free concert as part of the Global Poverty Project

    Mary J Blige and Will.i.am to give free concert

    The concert in Washington is part of the Global Citizen project, which aims to encourage young people to donate to charity
    10 best tote bags

    Accessorise with a stylish shopper this spring: 10 best tote bags

    We find carriers with room for all your essentials (and a bit more)
    Paul Scholes column: I hear Manchester City are closing on Pep Guardiola for next summer – but I'd also love to see Jürgen Klopp managing in England

    Paul Scholes column

    I hear Manchester City are closing on Pep Guardiola for next summer – but I'd also love to see Jürgen Klopp managing in England
    Jessica Ennis-Hill: 'I just want to give it my best shot'

    Jessica Ennis-Hill: 'I just want to give it my best shot'

    The heptathlete has gone from the toast of the nation to being a sleep-deprived mum - but she’s ready to compete again. She just doesn't know how well she'll do...