Take down of Cryptolocker and GameOver Zeus
This week the UK National Crime Agency and the FBI, working with Symantec and other partners, were able to significantly disrupt two cybercrime operations: Gameover Zeus botnet and Cryptolocker ransomware network.
Gameover Zeus was first developed in September 2011, and runs software on an infected devices which is then used to intercept online banking transactions, defrauding customers and banks. Cryptolocker is a new form of ransomware which works by encrypting files on the victims hard-drive, then demanding payment for the key to decrypt.
Up-to-date versions of Symantec and Norton products, such as Norton 360 Multi-Device, will successfully identify these threats and prevent infection. Symantec has also released a tool which can help with clean-up infections which are harder to remove. For a device infected with Cryptolocker the only solution is to restore data from a backup, which again could be provided by Norton 360 Multi-Device.
How can I avoid infection:
- If you receive an e-mail with an attachment - DO NOT open it unless it's expected. Examples would be invoices for unknown purchases, bank statements (which are never e-mailed).
- DO NOT click on website links to download files unless you have requested them.
- Make sure that your security software is up-to-date to prevent infections from occurring
- Run regular full scans of your computers
- If you have been infected with Cryptolocker, do not pay the ransom. Payment to cybercriminals only encourages more malicious campaigns. There is no guarantee that payment will lead to the decryption of your files.