We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
2,845 Tutorials

Windows users: how to protect your PC from Gameover ZeuS and Cryptolocker

5 important things to do to ensure you don't get scammed

How to stop cryptolocker and GoZeuS

The UK’s National Crime Agency along with the FBI, Europol and various security software firms have worked together to temporarily pause the attacks from the Cryptolocker and GOZeus malware. Here’s what you need to know about keeping your PC and data safe. See also: How to stop Cryptolocker

Operation Tovar: in a nutshell

Since last Friday, 30th May, law enforcement agencies, internet service providers and tech security firms from 11 countries have teamed up to try and stop infected computers from communicating with each other.

It has been fairly effective, but they admit that they can’t keep the criminals’ network down for long. That’s why there are so many headlines telling you that you have two weeks to protect your PC.

In fact, the malware has been around for a long while and is thought to have infected over 15,000 computers in the UK already. However, because the criminal network’s “command and control” is weakened, the government has said this is a “window of opportunity” to protect your PC.

How to protect yourself from GOZeuS and Cryptolocker

Cryptolocker and GOZeuS: what’s the threat?

Both are nasty pieces of malware. Cryptolocker encrypts your files and demands a ransom to decrypt them. However, there’s no guarantee that you’ll get access to your files if you pay up, and there’s no other way to decrypt them.

GOZeuS (GameOverZeuS, also known as P2PZeuS) is an advanced piece of malware that scans your PC for financial – banking – details and other valuable personal data which the criminals can sell on.

The two work together with Cryptolocker kicking in after GOZeuS has done its dirty work.

How to stay safe

Our advice is simple, and the same as always:

1 – Keep Windows up to date with the latest security patches and other fixes. This should happen automatically, unless you disabled Windows Update. To check if Windows is up to date, run the Windows Update tool. Search for in in the Start menu.

2 – Make sure your antivirus or internet security suite is fully up to date and hasn’t been disabled. If you haven’t installed any antivirus software, or you’ve let a subscription lapse, be sure to re-subscribe or install some free software such as AVG or Avira. Here are the 15 best antivirus programs for PCs and laptops

3 – Don’t open email attachments or click on links in emails unless you’re certain they’re safe. This is how most phishing attacks work, and don’t assume that just because an email is from a trusted person that attachments and links are safe. Their email password may have been hacked and the criminals are using their account to send out phishing emails. Expect to receive emails purporting to be from your internet service provider or the government asking you to click on links or open attachments. These are the ways in which criminals try to fool you and get you to give them personal information. If anything seems suspicious - such as greetings saying 'Dear customer' rather than your full name - delete the email immediately.

If you do click on a link or open an attachment, the malware may install itself automatically, so always be on your guard.

4 – Back up your most important documents. This is absolutely vital to protect against Cryptolocker. It doesn’t matter if your files are encrypted if you have an up-to-date back up. You can simply restore the files, perhaps after reinstalling Windows if it comes to it.

Here’s how to create a backup strategy, but if you don’t have time to read that, the most important thing is to copy the contents of your user folder (Documents, Photos, Videos and any other files that can’t be easily replaced) to a portable hard drive that you can store separately from your PC. See also: How to back up files in Windows

A network-connected backup drive such as a NAS may be susceptible to Cryptolocker, so you need an offline backup to be safe.

5 – Finally, if your PC or laptop has a webcam, you might consider covering it up with a piece of masking tape as these malicious programs may be able to access your device’s cameras and take photos or video.

Check your PC

Many of the antivirus companies have made special tools that you can run to check if your computer is infected. These can be used even if you have antivirus software from a different company:

F-Secure Online scanner

F-Secure Rescue CD (Windows XP)

Kaspersky removal tool (if you think your computer is infected with malware)

Kaspersky Cryptolocker tool

McAfee Stinger 

Microsoft Safety Scanner

Sohpos

Symantec

Trend Micro Threat Detector

IDG UK Sites

Windows 9 release date, price, features: 30 September marked for unveiling

IDG UK Sites

Gateway to your kingdom: why everybody should check and update their broadband router

IDG UK Sites

Netflix whips up 3D VR viewing room for Oculus Rift during company hack day

IDG UK Sites

Best Mac? Complete Apple Mac buyers guide for 2014