New Virus Alert: GameOver Zeus

New Virus Alert: GameOver Zeus

gameover zeus info

It’s been hard to avoid the news over the last few days discussing and warning of a potential new mass computer virus.

‘GameOver Zeus’ as it is commonly known, is a potentially dormant threat awaiting activation on a date sometime in the next two weeks.  It is a virus aimed at stealing users passwords in an attempt to gain access to individuals online accounts.

An FBI led operation has done and is doing what it can to limit the effect of any potential infection and police agencies, technology companies and internet service providers are all doing what they can to prevent the spread and infection of further computers, while Cryptolocker (which has been around for some time now) encrypts all files on a target’s computer and demands the user pays around £300 to unlock their files.

Once again, we expect that Gameover Zeus will primarily be spread via (legitimate looking) email messages with .zip files attached containing bogus (legitimate looking) files.  These typically purport to be invoices, credit notes etc. usually in the form of a fake pdf file.

Some typically forged senders are :- (but not limited to)

  • fraud@aexp.com (American Express)
  • webteam@virginmedia.com (Virgin Media, Virgin Mobile)
  • service@citibank.com (Citibank Group)

We have seen in the UK, fraudulent emails from the Royal Mail, The Post Office, Popular Courier Firms, The National Lottery, All Banking Establishments, HMRC, DVLA and most Major Supermarkets, so we ask that all users be extra vigilant over the next few weeks.

The precautions/measures we took last time have not been lifted, so zip files are still blocked where possible and those with hosted email can be certain that any infected files will not reach their desktops.  At all times, remember that end-user diligence is the key weapon against any threat.  It is highly unlikely that you will ever receive an email with an attachment that you haven’t requested or aren’t expecting, so simply do not open the email.  Please call us if you are in any doubt over the validity of an email or its content.

Remember, do not open any attachment if:

  • You don’t know the sender, or you aren’t expecting an attachment.
  • Claims that you have to open an attachment to gain access to information
  • The message contains obvious spelling mistakes.
  • It makes an offer that seems too good to be true.
  • The subject line and contents do not match.
  • Contains an urgent offer end date (for example “Buy now and get 50% off”).
  • Contains a request to forward an email to multiple people, and may offer money for doing so.
  • Contains a virus warning.
  • Contains attachments, which could include .exe files.

Tools have been released to check your computers if you want to be safe in the knowledge that your computer is currently clear of infection, the links to these are below.  There is one for 64bit machines and one for 32bit machines.  If you aren’t sure which one to use, try the 64bit one first, if that fails use the 32bit version.

Threat Cleaner for 32-bit systems

Threat Cleaner for 64-bit systems

Please call us if anything is detected, we are yet to see a positive detection by these tools so you will be helping us too by reporting any infections.  If anything is detected, you must change any passwords to online accounts accessed after cleaning the infection.

For any of you with lapsed or out-of-date anti-virus software please call us to get you compliant again, an indication of costs for our AV products are below:

Up to 5 Machines = £90.50
Up to 10 Machines = £181.00
Up to 15 Machines = £271.50
Up to 20 Machines = £271.50
Up to 50 Machines = £385.00
Up to 100 Machines = £770.00

Prices Exclude VAT and Installation.

Need expert IT support? Get in touch today. CONTACT US