Skip to content
Science, Maths & Technology

Two weeks to stop Gameover Zeus: What you need to know

Updated Tuesday, 3rd June 2014

Here's why you should take some simple steps to protect yourself from Gameover Zeus if you use Microsoft Windows.

This page was published over five years ago. Please be aware that due to the passage of time, the information provided on this page may be out of date or otherwise inaccurate, and any views or opinions expressed may no longer be relevant. Some technical elements such as audio-visual and interactive media may no longer work. For more detail, see our Archive and Deletion Policy

Figure of Zeus, the Greek God of War Creative commons image Icon Dave Mathis under CC BY-NC-ND 2.0 licence under Creative-Commons license

It’s little wonder that computer experts are warning that computer users could be experiencing “notification fatigue” after the past few weeks.

But even if you’re feeling overwhelmed following the Heartbleed bug and security breeches at eBay, you should take some simple steps to protect yourself from Gameover Zeus if you use Microsoft Windows.

Why two weeks?

Gameover Zeus is an extremely sophisticated piece of malware uncovered by a huge international investigation. A criminal network has a botnet, or a distributed network of computers, all working together. Your computer could be part of this distributed system without you knowing it. You may have inadvertently downloaded a trojan turning your computer into a zombie or you may have clicked on a link or attachment in an email that looked legitimate but was actually a route for the trojan to be downloaded.

Once your computer is compromised, it works as part of a large hive (the botnet) to infect other computers, scanning them for any documents that contain financial or other interesting information.

If it doesn’t find any financial information, it installs Cryptolocker, which locks the content of your computer and threatens to delete it forever unless you pay a ransom.

On 2nd June, The FBI, Europol and the UK’s National Crime Agency announced that they had identified the source of Gameover Zeus. They say that Windows users should install protection in the next two weeks to stay safe. This is based on the amount of time the FBI and co think they can hold the upper ground against the cybercriminals.

The agencies have taken down the central server that control the botnet but it is assumed that within two weeks, a typical cybercriminal enterprise can regroup, reprogram its attack and start attacking again.

The FBI has named Russian citizen Evgeniy Bogachev as its main suspect but he remains at large and it is not clear how many others are involved.

What should you do?

If you don’t use Windows, you can sit comfortably and do nothing. But the majority of desktop and laptop computer systems sold worldwide do. Gameover Zeus also affects Microsoft Servers, which is used in many organisations.

If you already have anti-malware software, update it and check with your anti-malware provider. If you do not have any anti-malware applications, you must install one. Free applications such as AVG and Malwarebytes are good options.

The FBI is also advising people to change their passwords. This is the third or fourth time you’ll have heard this advice in as many weeks, so you may indeed be feeling fatigue.

This time though, internet service providers have a decent idea of who is implicated because the security agencies know where the network traffic is going. ISPs will be contacting customers known to have been affected by either letter or email. If you get such a communication, you must act.

I would not leave it for two weeks either. The cybercriminals involved may regroup considerably sooner.

Andrew Smith does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

This article was originally published on The Conversation. Read the original article.





Related content (tags)

Copyright information

For further information, take a look at our frequently asked questions which may give you the support you need.

Have a question?