The latest from our Security Team
The Tenzing Security team is a vital part of our organization. Their expertise and dedication allowed us to respond incredibly quickly to the Heartbleed vulnerability. All of our clients were notified of the vulnerability within hours and patched quickly with no service disruptions.
Check out the timeline of our response.
We are lucky to have such an expert team in house, and they regularly share tips and suggestions to keep our business and personal systems secure. To give you some insight, I wanted to share the latest.
Security Update: CryptoLocker and Gameover Zeus
Earlier this year our team warned us about a nasty piece of ransomware called CryptoLocker. After encrypting a file, it would demand $300 to send the decryption key. The United States Department of Justice (DOJ) suggests that the crew behind CryptoLocker raked in $27,000,000 in September and October 2013 alone.
We also heard about another piece of malware named Gameover Zeus – one of the most notorious botnets of recent times. It’s used to grab covert control of innocent users’ computers and to “borrow” them to carry out cybercrime on a giant scale. The best-known criminal functionality of Gameover is probably its banking-related trickery, where it keeps track of what your computer is doing online until you start some sort of financial transaction. Then the malware comes alive and grabs the personal information that you type in, such as your username and password. It may even be able to intercept the one-time passcode sent by your bank (what is known as two-factor authentication). Gameover crooks have stolen more than $100,000,000 from users in the US alone.
These two families of malware are often discussed together because Gameover, which gives its operators the power to upload new malware to already-infected computers, has been one of the ways by which CryptoLocker was distributed.
So here’s the good news: last week the US DOJ announced a string of legal and technical assaults on the criminal infrastructure of these two malware families. This has resulted in the arrest of cyber criminals from all over the world, including in Russia and Ukraine, where they seized Gameover command servers.
What happens next?
The next stage – the part of the operation that is the duty of all of us – is to dismantle the rest of the botnet, by progressively disinfecting all the zombie-infected computers that made the Gameover and CryptoLocker “business empires” possible in the first place.
US-CERT has come up with a whole list of free tools so you can do just that, and if you’re like me and are considered the go-to person for IT problems amongst your friends and family, you can help others too. These are all free downloads and cleaning tools.
We strongly recommend that all of you visit the US-CERT page and run one of the suggested tools on your computers both at work and at home.
Hopefully you found the information about this recent malware helpful or interesting – I know I double-checked all of the machines in my house!
If you are interested in learning more about our security team and processes, check out our Security Best Practices Whitepaper here.