One of the hottest subjects making headlines in the past few weeks are two related viruses, GameOver Zeus and Cryptolocker, and the temporarily takedown of the huge botnet which distributed them.
The reason for the front page news is the amount of damage they have caused worldwide: over $100 million attributed to GameOver Zeus alone, not to mention the amount of money extorted by Cryptolocker from its victims in exchange for file decryption keys.
And although according to the UK’s National Crime Agency, people have a two-week window to reduce the threat by strengthening their computer’s protection and by making backups of their digital data, no time should be wasted before installing a strong Internet Security Solution. Why? Well, in spite of the fact that these viruses can no longer steal information and encrypt files as long as their communication with the command and control servers is down, other malware writers have been taking advantage of the media frenzy.
As a result, a massive phishing campaign has been started and viruses are already being distributed in extremely large numbers as attachments to spam emails under false pretenses that they are Cryptolocker file decryption tools. Victims should not be tricked: Cryptolocker has used a tough encryption method which cannot be cracked! Software telling you otherwise is deception. In the case of the above email, the self-entitled Cryptolocker file decrypter is in fact malware. The application installed on a computer is supposedly a registry cleaner. Although there aren’t any registry problems on the target machine, the scan output falsely states that the severe issues have been found to trick the victim into buying the software. People should not be tricked: if they pay for this software, the only outcome is that they will help Cryptolocker and GameOver Zeus indirectly cause more financial damage. And the situation will certainly escalate and more dangerous viruses will be marketed as Cryptolocker file decrypters. The only viable solution is to have a powerful security suite installed, which both detects and prevents such malware, and also to regularly backup your files.