Skip to main content

FM
Former Member

The National Crime Agency is warning computer users they have two weeks to protect against a "powerful computer attack".

It comes as US officials held a press conference accusing a Russian hacker of masterminding the scam and raking in ÂĢ60m.

Two pieces of malware software known as GOZeuS and CryptoLocker are at the centre of the alert.

People are being warned to make sure their security software and operating system are both up to date, and to run scans to check for any problems.

Important files should also be backed up, said the UK's National Crime Agency (NCA).

The malware typically infects a computer via attachments or links in emails.

 

If a user clicks on one of them, the malware silently monitors activity and tries to capture any private information, such as banking details.

"(The links or attachments) may look like they have been sent by genuine contacts and may purport to carry invoices, voicemail messages, or any file made to look innocuous," the NCA warned.

"These emails are generated by other victims' computers, who do not realise they are infected, and are used to send mass emails creating more victims."

The agency said GOZeuS (also known as P2PZeuS) was responsible for hundreds of millions of pounds of fraud globally.

Sky's Technology Correspondent Tom Cheshire said: "We should all be concerned. It goes specifically after financial information, and if that is over a certain threshold it starts stealing it very silently without you necessarily noticing."

The second threat comes from the Cryptolocker malware, activated if the first attack is not profitable enough.

It locks a user out of their files, for example photos or music, and threatens to delete them unless a "ransom" of several hundred pounds is paid.

More than 15,500 computers in the UK are infected and "many more" are at risk, according to the NCA.

Microsoft Windows 7Computers running Windows software are said to be most vulnerable

Stewart Garrick, a senior investigator with the NCA, told Sky News the threat was mainly against individuals or businesses running Windows-based computers.

"It's utterly indiscriminate - it doesn't care what machine it falls on.

"It's there purely for the criminals to harvest your money direct from your bank account, or by demanding a ransom to get your files back."

FBI action in the US had weakened the network of affected computers, said the NCA, "meaning that action taken now to strengthen online safety can be particularly effective".

Thirty-year-old Russian Evgeniy Bogachev is the alleged leader of the gang behind the attacks, FBI executive assistant director Robert Anderson told a news conference in Washington DC.

"They (the FBI) have disrupted the network and taken control of it," said Sky's Tom Cheshire.

"So when the hackers try to speak to the computer that's affected, that line of communication has been cut off.

"You now have a chance to clean up. The first thing you should do is update your operating system - especially if you're on Windows, then look to scan your computer for viruses and it should be able to find it."

For more information visit www.getsafeonline.org/nca.

Replies sorted oldest to newest

Another vote for backing up on various non connected external hard drives, DVDs and so forth.

The other thing, and I don't know if it makes any difference but it reassures us....,,,,,,
Our two main email addresses are non web based. So messages drop straight into the PC. We tend to use "mail2web" to knock out obvious spam and dodgy attachments out there in cyberspace........... I hope!
Garage Joe

It's people whose computers have been infected with either of the two pieces of malware software known as GOZeuS and CryptoLocker need to take action. Any good quality anti vurus software which looks for malware should have prevented a computer being infected. Only a small proportion of computers have been affected.

This has become news as the FBI have seized the criminals' servers and have been monitoring the servers to identify affected computers. They are intending to get information to those people with affected computers so that they can do something about it withine the next two weeks. They reckon that after then the criminals will have set up new servers.

 

I saw the article on the BBC website yesterday afternoon and that the getsafeonline.org site was down then. On the PM news progamme on Radio 4 they were having an interview with Rory Cellan-Jones their tech guy about this. I rang the BBC and informed them that the getsafeonline site was down and they said that they would pass my message on to that PM programme.

 

Dave Lee, the BBC correspondent who wrote the article, has obtained the advice from getsafeonline.org and has posted it elsewhere:

https://www.evernote.com/shard...f2d786a15bafdbbdcb46

Besides giving links to software to check for rhe malware, it does warn that criminals may send out emails with attachments or links to people pretending to be from your ISP or law enforcement agency and that those attachments or links would contain the malware so be on guard for this.

 

El Loro

Seriously who opens attachments or clicks on links they don't know anything about anymore. . Surely that is the very basics of using the internet to keep safe?

 

Even if the mail purports to come from a friend, if you aren't expecting them to send you an attachment why would anyone open one?

 

I don't use a browser to read mail I use an email client on my computer to collect mail... it is scanned by my anti virus as it comes in.. also using mail thru a browser means you have to store your contacts online and that is how the hackers get the addresses to send these viruses in the first place when they hack email accounts.. I owe it to my friends to not store their info in a place that can be hacked hence using an email client..  plus I can get all my various mail in the one place..

 

the main thing to be safe is don't open any attachments on emails and don't click any links in emails and keep your anti virus up to date...

Mount Olympus *Olly*
Originally Posted by Mount Olympus *Olly*:

Seriously who opens attachments or clicks on links they don't know anything about anymore. . Surely that is the very basics of using the internet to keep safe?

 

Even if the mail purports to come from a friend, if you aren't expecting them to send you an attachment why would anyone open one?

 

I don't use a browser to read mail I use an email client on my computer to collect mail... it is scanned by my anti virus as it comes in.. also using mail thru a browser means you have to store your contacts online and that is how the hackers get the addresses to send these viruses in the first place when they hack email accounts.. I owe it to my friends to not store their info in a place that can be hacked hence using an email client..  plus I can get all my various mail in the one place..

 

the main thing to be safe is don't open any attachments on emails and don't click any links in emails and keep your anti virus up to date...

Good advice Olly, hadn't thought of that.

FM

I have now been able to access the getsafeonline.org page. It took several minutes as there must be thousands of people trying to get on.

I decided to save the page on my computer as an HTML file and have attached it to this posting for those who are concerned to be able to access it quicker than going to the original page.

The attachment does look like an old style webpage and has replaced the images etc with lots of links which can be ignored. The text and the links to the various removal tools sites such as Symantec and Kaspersky start about half way down.

Attachments

El Loro
Originally Posted by El Loro:

I have now been able to access the getsafeonline.org page. It took several minutes as there must be thousands of people trying to get on.

I decided to save the page on my computer as an HTML file and have attached it to this posting for those who are concerned to be able to access it quicker than going to the original page.

The attachment does look like an old style webpage and has replaced the images etc with lots of links which can be ignored. The text and the links to the various removal tools sites such as Symantec and Kaspersky start about half way down.

Thanks El Loro xx

FM
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by Roger the Alien:

They can have my photos and overdraft details at the bank - meh. I'm worried they'll steal our forum and make us pay ransom  

 

EC will you track em down? 

 

 

 

Already on it Rog

Yay! I'm picturing you as Liam Neeson in Taken... 

FM
Originally Posted by Roger the Alien:
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by Roger the Alien:

They can have my photos and overdraft details at the bank - meh. I'm worried they'll steal our forum and make us pay ransom  

 

EC will you track em down? 

 

 

 

Already on it Rog

Yay! I'm picturing you as Liam Neeson in Taken... 

 

 

"I don't know who you are. I don't know what you want. If you are looking for ransom, I can tell you I don't have money. But what I do have are a very particular set of skills, skills I have acquired over a very long career. Skills that make me a nightmare for people like you. I am a master at poached eggs on toast and basket weaving. If you leave the Internet alone, that'll be the end of it. I will not look for you, I will not pursue you. But if you don't, I will look for you, I will find you, and I will kill you."

 

 

 

Enthusiastic Contrafibularities
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by Roger the Alien:
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by Roger the Alien:

They can have my photos and overdraft details at the bank - meh. I'm worried they'll steal our forum and make us pay ransom  

 

EC will you track em down? 

 

 

 

Already on it Rog

Yay! I'm picturing you as Liam Neeson in Taken... 

 

 

"I don't know who you are. I don't know what you want. If you are looking for ransom, I can tell you I don't have money. But what I do have are a very particular set of skills, skills I have acquired over a very long career. Skills that make me a nightmare for people like you. I am a master at poached eggs on toast and basket weaving. If you leave the Internet alone, that'll be the end of it. I will not look for you, I will not pursue you. But if you don't, I will look for you, I will find you, and I will kill you."

 

 

 

FM
Originally Posted by pirate1111:

cyber attack bloke cant be that good if we got 2weeks warning

 

Pirate, the reason is...

 

 

The operation carried out by the FBI was able to knock out many of the servers used by criminals to control this particular threat.

 

It is estimated it will take around two weeks for the botnet - that's the network of criminally-controlled, hijacked computers - to be fully operational again.

 

That's why the security experts are advising people to use this relatively quiet two-week period to make sure they're up to date.

 

 

Enthusiastic Contrafibularities
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by pirate1111:

cyber attack bloke cant be that good if we got 2weeks warning

 

Pirate, the reason is...

 

 

The operation carried out by the FBI was able to knock out many of the servers used by criminals to control this particular threat.

 

It is estimated it will take around two weeks for the botnet - that's the network of criminally-controlled, hijacked computers - to be fully operational again.

 

That's why the security experts are advising people to use this relatively quiet two-week period to make sure they're up to date.

 

 

wibble

pirate1111

Add Reply

×
×
×
×
Link copied to your clipboard.
×
×