A number of security firms have offered their advice on avoiding ‘insanely dangerous’ malware, which the NCA has warned could hit the UK in the net two weeks.
The GameOver Zeus botnet and Cryptolocker ransomware are said to infect computers, with the former stealing passwords in order to access money in online bank accounts and the latter encrypting files and demanding payment from users in order to unlock the data.
The threat is being tackled by law enforcement with the collaboration of several tech firms such as Microsoft, which has worked with the FBI to develop a cleanup solution to limit the use of infected computers for harm.
David Emm, senior security researcher at Kaspersky Lab, commented: “These types of threats are not uncommon – in our virus lab we see 315,000 unique samples every day. In the case of a common banking Trojan like Zeus, there are literally hundreds of thousands of variants.
“People should not only protect their computers, but also ensure that they back up their data regularly. This is particularly important in the case of ransomware.”
Alexandru Catalin Cosoi, chief security strategist at Bitdefender, added: “Zeus is a well-known and highly successful crimeware kit – the flat-pack furniture of the virus world. It is under constant development by several criminals or groups and new functionalities are constantly added. The skill bar to using it is unfortunately very low and getting lower by the day.
“In order for UK citizens to protect themselves, a security solution which can detect and block new and previously-unknown variants of malware is a must. So is a bit of care – granting access to some kind of service that installs apps from unknown sources should always be a cause for concern.” ?
Alex Balan, head of product management at BullGuard, also offered some insight into the malware scourge.
“The reality is that these pieces of malware have actually been around for some time and they are insanely dangerous,” he said.
“These particular samples are very evolved and in many cases if they manage to get installed on a system, money will be surely lost and removal will be very difficult.
“However, if you’ve got good internet security, you’ve got nothing to worry about. These malware strains will be picked up and stopped even when they’re back up and scouring the internet for vulnerable computers.”
Vinod Mohan, product marketing specialist team manager at SolarWinds, offered more advice concerning further threats that could occur over the summer, outlining five ‘top tips’ for users who may be looking to watch Wimbledon or the FIFA World Cup online.
The tips were:
- Does anything look suspicious? – “As soon as you get to a new site – whether it’s social or financial, gaming or gambling –give the site a quick once-over to help you identify a suspicious site.”
- Confirm if the website is secure – “Verify that the SSL certificates are all valid and check that the internet protocol is HTTPS.”
- Watch out for uninitiated or automatic downloads – "Sometimes, just logging onto a site may trigger a download. If such a download occurs, immediately cancel the download, or scan it with a well-known anti-virus program. Only when you are sure that a download is secure should you run it.”
- Do not keep following nested links – “If every URL redirect from a site is taking you through different domains nested within one another, there is something fishy about the site’s legitimacy. You need to take care on these sites.”
- Run your own diagnostics on suspicious sites – "Whether you found a URL in an email or on an IM chat, if you are not aware of its reliability, it is best to take precautions and run your own online tests if you don’t want to end up a phishing victim.”
Image of locked smartphone courtesy of Shutterstock.co.uk