The IT company Malcovery Security has announced that it has identified a cybercriminal group attempting to build a new botnet based on a modified version of the Gameover Zeus virus.
The Gameover Zeus Trojan is designed mainly to steal personal financial information. According to material recently published by the FBI, the botnet has caused damage estimated at over 100 million U.S. dollars worldwide.
Experts note that blocking this Trojan requires special equipment and the united efforts of multiple antivirus labs. In contrast to earlier Trojans, which ran through networks of servers and registered domains, Gameover uses a peer-to-peer architecture. Decommissioning or disrupting a single infected computer system does not affect the entire botnet.
Malcovery claims to have detected spam emails distributing the malicious code. The new modification of Gameover Zeus no longer uses the P2P structure; instead it has moved to a DGA (domain name generation algorithm) system that allows hybrid operation of this Trojan, both through peer-to-peer networks and through a system of randomly chosen servers.
PC users are being warned to be on their guard against emails purporting to be from the Royal Mail and containing CryptoLocker, a malicious piece of software that locks computers with an unbreakable encryption.
The email states that a lost or missing package is waiting for you at your local sorting office and asks recipients to download an attachment to find out more. Those who do immediately start to install the CryptoLocker malware on to their computer, without realising what they have done.
CryptoLocker will encrypt all the data on the computer, including photos, music and personal documents, using a public key.
A message will then appear on the screen stating that all of the data is locked and can only be unlocked with a private key, which the scammers promise to hand over once the computer owner has sent them a payment.
The fraudulent Royal Mail email was discovered when a victim contacted the Action Fraud call centre. It is the second piece of malware hidden in a fake Royal Mail email that has come to light in recent months.
As a result of the scams, Royal Mail has issued advice warning members of the public that it will never include attachments in an unsolicited email, and stating that it does not email its customers asking for any personal information. It has also notified the National Fraud Intelligence Bureau.
“We encourage any customer who receives a suspicious email claiming to be from Royal Mail to contact our customer services department on 08457 740 740,” a spokesperson said, adding that the company follows “robust security procedures” to protect its customers.
Anyone wishing to book a redelivery of a Royal Mail parcel can do so online at the Royal Mail website.
Scammers using CryptoLocker typically ask for ransoms of either $300 or €300, which must be sent through an anonymous pre-paid cash voucher such as MoneyPak or Ukash or the equivalent amount in Bitcoins.
If the extortionists do not receive the payment within 72 to 100 hours, victims are warned the private key will be destroyed and nobody will ever be able to recover their data.
The encryption uses publicly available, well-established algorithms developed by governments and other legitimate bodies, which means it is widely seen as unbreakable. When Guardian Money warned readers about CryptoLocker ransomware in October, a spokesperson for security firm Sophos told us that “if you haven’t got back up and you get hit by CryptoLocker, you may as well have dropped your PC over the side of the bridge”.
Since then, it is estimated that more than 250,000 PCs have been infected and the UK’s National Crime Agency has warned 10 million UK-based email users are being targeted.
Only PCs running Windows can be infected, but the CryptoLocker malware can be hidden in any executable attachment or sneak on to your computer via a drive-by download from a disreputable or infected website.