






a PDF which urged readers to look inside at “their account information.” Instead, the
attachment contained a Trojan compliments of Gameover Zeus.



Interestingly, it looks like the Gameover Zeus group has abandoned its once-effective
peer-to-peer communications protocol and instead opted for a more direct command and
control (C&C) architecture that hides behind a domain generation algorithm (DGA) to
receive orders from its C&C. It also appears that the malware has changed the way it
maintains a foothold in an infected host. But underneath the surface there are
undeniable trademark signs that Gameover Zeus is back for more.
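
An added example, not part of the original article: defenders commonly spot hosts that use a domain generation algorithm by looking for clients that repeatedly fail to resolve random-looking names. The log format, thresholds and sample lines below are assumptions constructed for illustration, and the heuristic is a generic one, not Gameover Zeus's actual algorithm.

```python
import math
from collections import Counter, defaultdict

# Constructed sample resolver log: "<client_ip> <queried_name> <rcode>".
# Names use reserved domains/TLDs; none of these values come from the article.
SAMPLE_LOG = """\
10.0.0.5 www.example.com NOERROR
10.0.0.5 exmaple.com NXDOMAIN
10.0.0.7 q7x2kf9zp1mw8v4tb6ny3hd5.example NXDOMAIN
10.0.0.7 1h8gj3kd0z2vqwx9bn4tym6c.example NXDOMAIN
10.0.0.7 zk4p9w1xq8m2vb7tj3nd6hy5.test NXDOMAIN
10.0.0.7 b6ty3nq8x1zk5w9mp2vd7hj4.test NXDOMAIN
10.0.0.7 mail.example.org NOERROR
10.0.0.9 q7x2kf9zp1mw8v4tb6ny3hd5.example NXDOMAIN
"""


def shannon_entropy(text):
    """Bits of entropy per character; random strings score high."""
    counts = Counter(text)
    total = len(text)
    return -sum(n / total * math.log2(n / total) for n in counts.values())


def looks_generated(name, min_len=12, min_entropy=3.5):
    """Heuristic (assumed thresholds): long, high-entropy label left of the TLD."""
    labels = name.rstrip(".").lower().split(".")
    # Simplification: ignores multi-part public suffixes such as "co.uk".
    label = labels[-2] if len(labels) >= 2 else labels[0]
    return len(label) >= min_len and shannon_entropy(label) >= min_entropy


def suspect_clients(log_text, min_hits=3):
    """Map client -> count of distinct random-looking names that got NXDOMAIN."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, name, rcode = parts
        # A DGA bot tries many names; most are unregistered and fail to resolve.
        if rcode == "NXDOMAIN" and looks_generated(name):
            hits[client].add(name.lower())
    return {c: len(n) for c, n in hits.items() if len(n) >= min_hits}


if __name__ == "__main__":
    for client, count in suspect_clients(SAMPLE_LOG).items():
        print(f"{client}: {count} distinct random-looking names failed to resolve")
```

A single mistyped domain or one stray random-looking lookup stays below the threshold; only the client with a burst of such failures is reported.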

At this time, it is unclear whether or not Gameover Zeus is back with a vengeance or simply
making that one last dramatic gasp for air as it continues to descend back into the depths of
a deep, dark web. But one thing’s for sure, all eyes are on this botnet to see what it could
possibly have in store for us next.



How to Stay Safe


In order to protect yourself from the remnants of Gameover Zeus, CryptoLocker and most
other Internet threats, it is important to monitor your online actions and never become
complacent in day-to-day activities.

Stay away from questionable websites and make smart choices when navigating from
search engine results to web pages. Cybercriminals know how to make their malicious sites
appear near the top of your search results and use this tactic more often than you think.
Also, it’s a good standard practice to delete unsolicited email, especially if you are unfamiliar
with the sender or the sender appears to be forged.

Make sure your computer’s software always stays up to date, and go ahead and uninstall
unused software programs from your computer, because all too often they become forgotten
and unpatched, creating yet another target option for attackers.

Remember, a multi-layered approach to security is smart – use a properly configured
firewall, anti-virus, email and web filtering products from a reputable security company and
most of all, remain vigilant.



About the Author

Fred Touchette, CCNA, GSEC, GREM, GPEN, Security+, is a Senior Security Analyst at
AppRiver. Touchette is primarily responsible for evaluating security controls and identifying
potential risks. He provides advice, research support, project management services, and
information security expertise to assist in designing security solutions for new and existing
applications.





34 Cyber Warnings E-Magazine – August 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
