The United States Computer Emergency Readiness Team, commonly known as US-CERT, released an alert today detailing the impact of GameOver Zeus P2P Malware.
GameOver Zeus (GOZ) is a bank credential-stealing malware first identified in 2011. Cybercriminals use network infrastructures of personal computers and Web servers to carry out command-control attacks. GOZ affects Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7 and 8, as well as Microsoft Server 2003, Server 2008, Server 2008 R2 and Server 2012.
GOZ is typically spread through phishing messages and spam and usually is leveraged to steal banking credentials. After being infected by GOZ, infected systems are sometimes used to send spam or to execute distributed denial-of-service (DDoS) attacks. GOZ uses a peer-to-peer network to communicate and distribute data across infected hosts and uses encryption to avoid detection. As a result, the GOZ virus is very resilient and difficult to contain.
Reinstalling your operating system (OS) is the best remedy for completely ridding your system of GOZ and other advanced malware. Tools like Norton Ghost and Acronis simplify that process. Keeping your OS up-to-date — specifically with patches that remove some vulnerability — will also better equip it to defend against some attacks.
It’s important for end-users to understand that standard off-the-shelf antivirus solutions are largely infective of advanced malware. Likewise, changing passwords doesn’t protect end-users from key-logging malware.
Want to know more about Zeus malware? Read our recent entry, “Reign of Zeus Continues in Digital Sphere,” that explores malware’s global effectiveness.