News > FBI warning about Banking trojan "Gameover"
FBI warning about Banking trojan "Gameover"
Organized crooks have begun launching debilitating cyber attacks against banks and their customers as part of a smoke screen to prevent victims from noticing simultaneous high-dollar cyber heists. On Friday the FBI issued a warning about a banking trojan named Gameover. It’s a new variant of Zeus, a user credential stealing malware that targets online bank users. Zeus has been around for years, and every now and then a new version with a new twist pops up.
Gameover has also been implicated in Distributed-Denial-of-Service attacks that temporarily-disable bank websites to draw attention away from fraudulent transactions. Like another Zeus variant, Troj/BredoZp-GY, Gameover uses e-mail spam to propagate, and the safest way to keep Gameover away from your PC is to avoid links and file attachments that are contained in unfamiliar e-mail messages.
Experts warn that any interaction with this fake NACHA link can infect your PC with the Gameover banking Trojan, which will attempt to steal bank-related information while Gameover hides its own actions from site. Gameover Trojan it must be removed immediately to make your computer clean and safe.
How do you avoid bank trojans? - ( from Norman Blog )
1. Never, ever click on links (in email) that encourage you to “update your account information”, “check if your account has been compromised” or similar.
2. Always, always login to your bank by typing the address in the browser url bar.
3. Make sure your browser and operating system are always updated. Never, ever click “Later” when your browser or OS prompts you about a new security update.
4. Keep you antivirus up to date. An advanced security solution will detect any harmful sites and block any malicious files, so that you don’t have to.
Because Gameover and similar forms of banking Trojans are designed to conduct their attacks in a clandestine manner, you may not see much sign of Gameover on your PC, other than some anomalies in RAM usage or file processes. However, a successful Gameover infection can be the cause of :
1. Loss of account login data and other forms of information that are used in bank-related websites.
2. Loss of other forms of information that are gathered through keylogging (a broad form of spyware attack that monitors all types of keyboard input).
3. Fraudulent transactions from your bank account due to abuse of any information that was stolen in the above attacks.
4. DDoS (or Distributed-Denial-of-Service) attacks that crash your bank’s website to limit your access and conceal these transactions.
Read Herethe Method to Remove "Gameover" from infected computers.
Reference : Hacker News
Computer Forensic, Internet Investigation and IT Consultant