GameOver Zeus - Malware

David Higgins from 4ITSec

Malware Update – “GameOver Zeus”

GameOver Zeus (GOZ, for short) has been in the arena since late 2011, but has recently hit the headlines with high-profile attacks on US soil (Department of Justice).

It’s a form of Trojan operating as a combination of:

• Phishing attacks (emails requesting you to click a link that takes you to an infected site)
• Drive-by download (automatic download and installation of malware code when you’re taken to a site)
• Command and control (logging system activity such as user IDs and passwords)
• In some cases overriding default behaviour to send your electronic traffic (e.g. banking) to another site without your knowledge or permission

Despite being quite a high-profile Trojan, little was ever done to combat its infectiousness, and it has mutated several times throughout its life-span.

Although the supposed creator of Zeus is now under US Federal Investigation and, for the time being, his network of compromised systems has been taken down, you still need to protect yourself, as the Trojan itself may still have a “payload” to deliver (e.g. encryption of files to extort payment, or “ransomware”).

A specific “vulnerability scan” should be performed to detect the presence of Zeus on your IT systems and network.

Avoid visiting websites that could be considered dangerous or malicious; these include adult-content and file-sharing websites. Some other tips to stay protected include:

• Keep your Internet browser and operating system up to date
• Use a safe search tool that warns you when you navigate to a malicious site
• Use comprehensive security software on all your devices

If you have any more questions about this, or any other vulnerability, please don’t hesitate to contact us immediately –

