Computer users have been warned to take urgent action to protect themselves from a global cyber virus pandemic.

Police around the globe have launched an unprecedented attack on high-tech criminals behind software causing misery to millions, but the hackers are expected to soon rebuild their network.

Gameover Zeus, which first appeared in September 2011, stole bank information and other confidential details from victims.

According to FBI investigators, the virus infected between 500,000 and a million computers in 12 countries, creating a network of "bots" the hackers could "infiltrate, spy on, and even control, from anywhere they wished."


"Gameover Zeus is the most sophisticated botnet the FBI and our allies have ever attempted to disrupt," said FBI Executive Assistant Director Anderson.

The FBI blamed the Gameover Zeus botnet for the theft of more than US$100 million (NZ$118.32m), obtained by using the stolen bank data and then "emptying the victims' bank accounts and diverting the money to themselves."

But the grip of those behind the so-called 'malware' has been weakened by a counter attack on the servers which control the software.

New Zealand involved in sting

US investigators worked with counterparts in New Zealand, Australia, the Netherlands, Germany, France, Italy, Japan, Luxemburg, Canada, Ukraine, and Britain, as well as the European Cybercrime Center, according to a statement. They were also aided by private companies, including Dell, Microsoft, Afilias, Deloitte and Symantec.

Computer users must install anti-virus software and update their operating systems to the latest versions to stop it regaining its hold, computer experts said.

Those who fail to do so risk having their valuable data, including precious photographs, music and personal files held to ransom.

Read more:
Internet fraudsters posing as Facebook friends
New Apple Mac features unveiled

In the worst cases, victims could lose access to their bank accounts which could be systematically drained by the criminal network.


Time limited to protect yourself

Gameover Zeus has spread worldwide but has been temporarily disabled by the international effort by law enforcement agencies.

Potential victims can protect themselves but have only a short time to do so before the hackers can rebuild their network.

The international effort by forces including the National Crime Agency (NCA), Interpol and Europol, targeted the 'command and control' servers behind the virus.

Hackers will be able to install new ones, but it is thought that there will be a window of opportunity of at least two weeks for computer users to protect themselves.

Many of those whose computers have already been infected will be contacted by their internet service providers.

How it works

The software installs itself on a computer when the victim clicks on a link in an unsolicited email or via a website. It then sends out more emails to lure further victims, without the knowledge of the computer users, and spreads quickly across the internet.

The virus lays dormant until it spots an opportunity to steal personal details such as online banking information and passwords. It then transmits this information back to the criminal network who use it to drain the victim's accounts.

In a further twist, if the user is not a 'viable' victim then the software locks the information on the computer and holds it to ransom.

At the moment the software demands one Bitcoin, an untraceable form of online currency favoured by criminals, which is around NZ$600.

The US Government admitted that at least one police force has been forced to pay this ransom to release sensitive files.

The international bust also targeted another computer virus, dubbed "Cryptolocker," which appeared in September 2013. It encrypted the computers of its victims and demanded a ransom - often in excess of NZ$828 - in exchange for the password to unlock it.

Mobile phones may not be immune. Photo / Thinkstock

Investigators say the cyber criminals amassed more than NZ$32m in just the first two months.

The US Justice Department filed papers yesterday accusing a Russian named Evgeniy Mikhailovich Bogachev as being the leader of the gang behind the software.

The 30-year-old was charged in Pittsburgh, Pennsylvania, with 14 counts including conspiracy, computer hacking, bank fraud and money laundering in the Gameover Zeus and Cryptoblocker schemes.

Bogachev, sometimes called "Slavik" or "Pollingsoon," was also charged in Omaha, Nebraska with "conspiracy to commit bank fraud" in relation to an earlier incarnation of Gameover Zeus.

"Evgeniy Bogachev and the members of his criminal network devised and implemented the kind of cyber crimes that you might not believe if you saw them in a science fiction movie," said Leslie Caldwell, deputy attorney general.

The complaint claims the software has been responsible for the loss of more than US$100m from individuals and a string of major companies.

What to do

Andy Archibald, of the NCA, said: "Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals.

"By making use of this two-week window, huge numbers of people...can stop that from happening to them.

"Whether you find online security complicated or confusing, or simply haven't thought about keeping your personal or office computers safe for a while, now is the time to take action.

"Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails."

Computer users who fear they could fall victim to the virus are advised to install anti-virus software and ensure their operating system has the latest security updates.

It is thought that the gang first check if a target's keyboard is in Russian and only strike if it is another language.

Eunice Power is one British victim who has been blackmailed by the cyber criminals. After corrupting files on her computer, the gang offered to fix the problem for several hundred pounds.

Miss Power, a chef who runs a business from home, told Channel 4 News: "I could actually feel perspiration coming out through me.

"I lost everything: family photographs, recipes, payroll, my accounts package. It was devastating."

The attack was so complex that an external storage unit that was connected to the computer at the time was targeted by the gang, preventing Miss Power from accessing it.

Stewart Garrick, from the National Cyber Crime Unit, said that solicitor firms, police stations in America and academic institutions had been targeted.

Victims are urged to contact a site created by the Department of Homeland Security:

Phones could be next

Charlie McMurdie, former head of the national ecrime unit, described the threat as a 'cyber plague' and warned that it could also be used to target mobile phones.

"Once one of these plagues is released everybody will pick up on it, adapt it and people around the world will be using these sorts of virus to carry out crime," she said.

"It's not just computers, this kind of malware is now being hitting our mobile phones.

"It can have a significant impact on individuals and companies."

Ms McMurdie said the virus 'had been known about for a long period of time' and warnings about the virus had been issued over the last few months.

Next story: New Apple Mac features unveiled

- Daily Mail / AFP