Channel NewsAsia

2,000 Singapore users affected by GOZ, CryptoLocker malware

Singapore Computer Emergency Response Team (SingCERT) is working with local Internet service providers to notify affected users, and no e-government services are affected so far, says IDA.

SINGAPORE: The Infocomm Development Authority of Singapore (IDA) confirmed on Wednesday (June 11) that there are 2,000 users in Singapore affected by the Gameover Zeus (GOZ) and CryptoLocker malware, which have hit users internationally.

A multi-national agency effort had earlier this month disrupted the GOZ botnet as well as the CryptoLocker malicious software.

The IDA spokesperson told Channel NewsAsia: "The United States authorities found 2,000 affected users in Singapore and informed SingCERT (Singapore Computer Emergency Response Team), who is working with the local ISPs (Internet service providers) to notify them."

"So far, no Government e-services have been affected. We will continue to strengthen all Government websites and e-services by taking the necessary security measures such as checking and fixing vulnerabilities and patching software," the spokesperson added.

GOZ and CryptoLocker malware encrypt a user's information and demand a ransom from the user in order to decrypt the files. Systems infected by either of the malware could be used to send spam, participate in distributed denial-of-service (DDoS) attacks or cause users to lose sensitive information such as user names, passwords and banking data.

In a blogpost on Wednesday, SingCERT identified the following systems to be affected by the two malware:

- Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8
- Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012

SingCERT advised affected users to scan their computers with an updated anti-malware solution to remove Zeus and other known malware, change all user names and passwords, and to back up important files regularly.

INTERNATIONAL IMPACT
The United Kingdom's National Crime Agency (NCA) had issued a warning on June 2 that the GOZ botnet could be up in just two weeks, and urged people to protect their computers from an expected "powerful computer attack".

The US Computer Emergency Readiness Team (US-CERT) posted a technical alert on its website the same day, announcing a multi-national effort that disrupted the GOZ botnet - a global network of infected victim computers used by cybercriminals to steal millions of dollars from businesses and consumers.

"Gameover Zeus' decentralised, peer-to-peer structure differentiates it from earlier Zeus variants. Security researchers estimate that between 500,000 and 1 million computers worldwide are infected with GOZ. The FBI estimates that GOZ is responsible for more than US$100 million in losses," the United States Department of Justice stated in a separate press release.

Tweet photos, videos and updates on this story to  @channelnewsasia