The Department of Homeland Security’s United States Computer Emergency Readiness Team (US-CERT) released a Technical Alert (TA14-150A) on a new variant of the Zeus Trojan botnet, GameOver Zeus (GOZ).
According to US-CERT, cyber criminals use the new Zeus peer-to-peer (P2P) variant to intercept and steal login credentials and banking information. A GOZ-infected system also sends spam or participates in distributed denial-of-service (DDoS) attacks under the attacker's command.
Cyber criminals spread GOZ through spam and phishing techniques, and it relies on a decentralized backbone network of compromised personal computers and web servers to execute command-and-control. GOZ affects all Microsoft operating systems, as follows:
- Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8
- Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012
US-CERT advised users to take the following actions to remediate GOZ infections:
1. Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses. It is important to keep your anti-virus software up-to-date.
2. Change your passwords – Your original passwords may have been compromised during the infection, so you should change them.
3. Keep your operating system and application software up-to-date – Install software patches so that attackers can’t take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
4. Use anti-malware tools – Using a legitimate program that identifies and removes malware can help eliminate an infection. Users can consider employing a remediation tool that will help with the removal of GOZ from their systems.