Channel NewsAsia

GOZ, CryptoLocker infections - tip of the iceberg?

Following an announcement that 2,000 users in Singapore were affected by Gameover Zeus and CryptoLocker malware infections, an IT expert said this could be the tip of the iceberg,

SINGAPORE: Up to a million computers worldwide could be hit by the Gameover Zeus and CryptoLocker malware. Gameover Zeus comes innocently in the form of an email, usually from a trusted source, such as your friends. The emails have an attachment which once downloaded, infects your PC immediately.

Hackers use the malware to perform any kind of operation on your PC. In this case, it commands the installation of CryptoLocker - a kind of cyber-extortion programme. CryptoLocker encrypts all your files, like pictures and documents. It demands a ransom be paid, either by you or a third party, within 72 hours, for the release of your information. If you don't, you lose your data. 

"Zeus was one of the most dominant bots in the world. Gameover is the next generation of Zeus, so it is about as sophisticated as it gets. However most of the endpoint protection systems that protect PCs have a mechanism that prevents Zeus or Gameover Zeus from getting on your PC, so somehow these PCs that have gotten infected have made it pass some of the more common intrusion prevention systems," explained Dr Naveen Bhat, Vice-President of Ixia.

The Infocomm Development Authority of Singapore (IDA) told Channel NewsAsia on Wednesday (June 11) that "the United States authorities found 2,000 affected users in Singapore and informed the Singapore Computer Emergency Response Team or SingCERT, who is working with local Internet Service Providers to notify them."

It added that so far, no e-Government services have been affected. Still, authorities will continue to strengthen all Government websites and e-services by taking the necessary security measures such as checking and fixing vulnerabilities and patching software.

SingCERT said some of the systems affected are Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8; Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012.

"It could be the tip of the iceberg, but it's really hard to tell, because what has been reported is an attack by the bots and these bots are pieces of software that sit on your machine and they stay dormant. So we have no way of telling if it's 2,000 or 20,000 at this point," said Dr Bhat.

The Gameover Zeus malware network was shut down by an international police effort this month, spearheaded by the Federal Bureau of Investigation. The mastermind behind it is allegedly Evgeniy Mikhailovich Bogachev from Russia. The FBI estimates that Gameover Zeus is responsible for more than US$100 million in losses.

Microsoft said in a blog post dated June 2 that it has worked closely with the FBI and industry partners, and has taken action to remove malware, so that infected computers can no longer be used for harm.

IT security firm Trend Micro predicts that there will be one major data breach incident globally every month this year. Attacks will be more targeted, malicious and with more attacks via mobile devices, with the proliferation of smart phones.

"People have to be smart. No amount of government policy or procedures, guidelines will be able to save somebody if they can't save themselves," said Dr Bhat. "So every single individual has to understand the basics of computer security. Make sure that they don't click on either suspicious or anything that could trigger a download of some other software. So people have to educate themselves, people have to educate their kids, because quite often, kids do this, they don't know what they are doing."

He also said the Government should take the lead in educating the public on cyber security, and laying out guidelines. "You can set up policies for enterprises, the defence department and other organisations. They have to pass certain audits, resiliency checks to ensure that their networks are constantly upgraded to defend against attacks."


 

Tweet photos, videos and updates on this story to  @channelnewsasia