Although GameOver Zeus (GOZ) has been taken down in an international effort supervised by the U.S. Department of Justice under the code name “Operation Tovar”, the danger still exists. Below are a few instructions on how to protect yourself against GameOver Zeus and other botnets.
The cooperation necessary to take down the botnet is overwhelming and hopefully it represents the beginning of multiple successful operations to make the internet and the connected users safer.
CrowdStrike is one of the private companies that was heavily involved in Operation Tovar, and it worked with the United Kingdom’s National Crime Agency, the FBI, Europol, global law enforcement, and other players in the private sector. Adam Meyers, VP of intelligence at CrowdStrike, described the results of Operation Tovar. “Over 500,000 infected machines were effectively disconnected from criminal control,” he said. “The actors behind GOZ and Cryptolocker, which were both impacted by the recent actions, have done significant damage against unsuspecting victims.”
Most antimalware tools do a poor job of identifying and blocking botnet threats. The following advice can help individuals avoid becoming victims:
- Block email attachments that are executable files, such as EXE and SCR, or ZIP files that contain executable files.
- Use vulnerability mitigation software to make up for unpatched software and avoid getting hit by exploit kits. The Microsoft Enhanced Mitigation Experience Toolkit (EMET) has a proven track record of protecting from attacks—including rare zero-days—before software patches are even available. Also, EMET can be managed in corporate environments using Group Policies.
- Install antivirus software. Although not perfect, antivirus software can still catch a large percentage of malware and reduce noise. Free antivirus products such as Microsoft Security Essentials or AVG Free are just as good as commercial offerings, so don’t feel like you have to pay money to get a good product.
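
The attachment rule in the first item above can be sketched as a mail-filter check; this is an added example, not code from the original article. It goes slightly beyond the extension list by also flagging the PE "MZ" header so renamed files are caught, and the function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions named in the advice above; extend per local policy (assumption).
BLOCKED_EXT = (".exe", ".scr")


def is_executable(name: str, head: bytes) -> bool:
    """Flag by final extension, or by the PE 'MZ' header to catch renamed files."""
    return name.lower().endswith(BLOCKED_EXT) or head[:2] == b"MZ"


def blocked_attachments(raw: bytes) -> list[str]:
    """Return the attachments (or ZIP members) in a raw message that should be blocked."""
    hits = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        if is_executable(name, data):
            hits.append(name)
        elif data[:4] == b"PK\x03\x04":  # ZIP local file header
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    for info in zf.infolist():
                        with zf.open(info) as fh:
                            head = fh.read(2)
                        if is_executable(info.filename, head):
                            hits.append(f"{name}!{info.filename}")
            except (zipfile.BadZipFile, RuntimeError, NotImplementedError):
                # Corrupt, encrypted or unsupported archive: fail closed.
                hits.append(f"{name}!(unreadable archive)")
    return hits


def sample_message() -> bytes:
    """Constructed sample: a ZIP holding a double-extension .scr, plus a PDF."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.pdf.scr", b"MZ constructed bytes, not a real binary")
        zf.writestr("readme.txt", b"hello")
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="docs.zip")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="report.pdf")
    return msg.as_bytes()
```

Archives that cannot be opened, such as password-protected ZIPs, are reported rather than passed through, since the filter cannot see what they contain.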