UK’s National Crime Agency is giving the public a two week window to gear up against major fraudulent malwares. The malwares in question are known as GOZeuS and CryptoLocker. Members of the public are being guided on basic measures against the attack like security software and operating system and applications update. Initiatives by the FBI in US have weakened the global network of infected computers for time being, opening up the two week window.
Both GOZeuS and CryptoLocker are known to affect users by sending attachments and links via email which look as if they have been sent from genuine contacts. The emails may also carry invoices, voicemail messages, etc. These emails are generated by other victims’ computers on a massive scale.
GOZeuS has been assessed as responsible for fraudulent money transfers worth hundreds of millions of pounds. The malware monitors users’ activity in order to capture banking and other private information. The FBI estimates that GOZeuS is responsible for more than $100 million in losses through bank heists and financial fraud.
CryptoLocker works in the background and encrypts user’s files. On completion of encryption process, the user is presented with a countdown timer. The user is then asked for a ransom in order to enable access to files. The ransom is currently equivalent to one Bitcoin. For CryptoLocker, the FBI estimates that $27 million in ransom payments were made in just the first two months since it emerged in September 2013 affecting 234,000 computers.
The malwares hold the potential to affect thousands of servers especially those pertaining to banking sector. This could seriously affect online banking and money transfer services. Cross border remittance would be affected the most. 15,000 computers have already been affected in UK posing threat for many more.
"Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals. By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them.” said Andy Archibald, deputy director of NCA’s cyber-crime unit.
A number of technology and security software companies like McAfee, TrendMicro, Microsoft and Symantec are working in collaboration with NCA and FBI to prepare action plans against the malwares.