There’s some good news to report: international law enforcement authorities have disrupted the Gameover/Zeus botnet and charged the criminal gang behind the Gameover banking malware that’s been stealing millions of dollars from victims worldwide.
Sophos experts have been tracking Gameover — a variant of the malware kit known as Zeus — for quite a while. SophosLabs recently identified a rootkit element to the Gameover code which made Gameover harder to detect and remove.
As we reported at Naked Security, the Gameover malware has been used by criminals to infect victims with the ransomware called Cryptolocker.
Computers around the world, but largely in the U.S. and UK, have been infected by Cryptolocker, which encrypts your files and demands $300 for the key that will unscramble them.
Because law enforcement took control of Gameover’s command and control servers, the malware can no longer download and activate Cryptolocker on the computers it controls.
That means if your computer is infected by Gameover and/or Cryptolocker, you now have a chance to remove the malware and stay safe.
Unfortunately, although the takedown of Gameover will help stop the spread of Cryptolocker to new victims, it doesn’t help the millions of Cryptolocker victims since September 2013 who already lost their files or paid the ransom to get them back.
Here’s how you can help
Gameover/Zeus and Cryptolocker are still out there on infected computers. To break the back of Gameover, we need to clean up all those computers it has already infected.
You can do your part by scanning your computer for malware including Cryptolocker and Gameover/Zeus. Use our free Sophos Virus Removal Tool to detect and remove malware, Trojans, rootkits, and viruses.
With the Sophos Free Virus Removal Tool you don’t have to uninstall your existing anti-virus first, and it detects and cleans the same malware that Sophos Anti-Virus detects, not just Cryptolocker.
- Learn more about Cryptolocker: Cryptolocker ransomware on the loose: see how it works, learn about prevention, clean up and recovery
- Learn more about Gameover/Zeus: Notorious Gameover malware gets itself a kernel-mode rootkit