Important steps and advice to protect your computer from Gameover Zeus, GOZeus, or P2PZeus

The National Crime Agency announced it has took down a international crime network who have stolen 60 Million from our personal bank accounts, We have been offered a 14 day period to secure our computers and kick hackers out, after the government took out the servers controlling the organised attack on our computers.

This article is designed to help you protect your computer, your finances, your identity and your family against this new online threat. We have been offered a rare 14 day warning and break to ensure our computers are secured.

The target of the attack is random private individuals just like you and me, they are also targeting small businesses so it is critical that you read this page and follow the advice to ensure your computer and your family is secured.

We recommend you follow the advice within this page to ensure your computer is secured from hackers and cyber criminals.

If you have a windows operating system it is important that you apply these actions to secure your PC, which includes any server running windows or windows embedded software.

The government and National Crime Agency have advised this is not an isolated attack, 15,000 computers within the United Kingdom have already been locked by criminals and personal details stolen.

The UK National Crime Agency (NCA) has managed to take temporary control of the communications which are used to connect with the infected computer systems and has offered us a very limited window to secure our computers, ensuring we have enough time to ensure we are protected.

We have provided a number of links that will allow you to check your computer for the presence of malware which are related to this cyber attack, if you take no action please make sure you use one of the tools provided to run a check immediately to see if you are at threat.

The attack affects your computer system, cyber criminals are working around the clock to create ways of stealing our financial information, commit fraud and identify theft againts people like me and you, the proceeds of the cyber attacks funds further organised crime.

This cyber attack comes in the form of two different types of malware to infect your computer to allow them to commit these crimes against you.

1. The known virus is called Gameover Zeus, GOZeus, or P2PZeus it is a very aggressive malware that infects your computer, it allows the criminals to take over your computer, and they will then commit crimes which include viewing your files, monitoring your bank accounts and sending emails from your accounts, they will even use your webcam to spy on you.

2. the Ransomware known as CryptoLocker, this is a vvirus that the criminals will use to prevent you opening any files, they will lock down your PC, and then issue you with a ransom demand, once you have paid the ransom your computer will remain locked, your computer will be useless as access to all features within the computer will be blocked.

Your computer becomes infected in a number of ways, you will receive emails which claim to be from your bank, government, or official company, they will require you to login to claim a refund or other account activity update that may be required.

You may receive emails which contain website links to bogus emails, attachments which you will be requested to download that contain hidden malware, that is a Trojan.

They will have hacked and stolen your email list so it can appear as if the spam emails are coming from one of your friends email accounts, when you open the attachment in an email it automatically tells the trojan to download Gameover Zeus and Cryptolocker from the server.

Gameover Zeus will search your computer for methods of making a profit, if it cannot find such details Cryptolocker will kick in and take over your computer and will lock down your computer and demand a ransom of cash.

If you have been infected your Internet Service Provider (ISP) may now send you a letter warning you that you have been infected, the ISP will know you have been infected because the National Crime Agency have taken over thousands of servers and have obtained the records.

The advice is to follow the information within this letter from your ISP, which is the same as the advice we have published on this page. If your computer has been locked down by CryptoLocker it is to late, and it cannot be recovered.

To avoid future attacks on your computer it is good to ensure you regularly update your computer updates regular.

Ensuring you don’t fall for phishing emails sent by Cyber criminals, as they will exploit the situation and send out further phishing e-mails which may claim to be from your ISP or National Crime Agency, which require you to click on a link to open an attachment to fix the problem.

Please ensure you do not click on any unknown attachments because please bare in mind they have access to your email contacts and these emails may appear to come from a friend, family member or colleague, infact these will be sent by the server

The advice is now to ensure you can your computer and remove Gameover Zeus malware and CryptoLocker software during the 14 day break.

A number of security companies have quickly developed free tools to remove these threats from your computer, even if you have not been infected by these it is advised you run the tools anyway.



F-Secure Online scanner (Windows Vista, 7 and 8)
F-Secure Rescue CD (Windows XP systems)

This article has been written with the advice from the Government, you can visit the
Get Safe Online website for more advice.