Besides wielding thunderbolts, Zeus can steal your usernames and passwords. At least, the offspring of the Zeus malware can. “Gameover” is the name of the latest Zeus variant, and it is so called for good reason. When a computer is infected, the malware steals your bank account information. Once the criminals are in the bank account, it is essentially game over.

Let's break Gameover down and see how it works. Infections are usually brought about through phishing scams. These are scams sent through email that try to trick the user into clicking on things that they shouldn’t be clicking on. The emails usually look like they come from legitimate companies such as shipping companies, retail stores, banks, etc. With the Gameover malware, the email provides a link that, when clicked, takes the user to a malicious website. A download of Gameover is initiated in the background and the malware is installed.

The FBI has been investigating the Gameover malware and has discovered that some of the funds stolen from bank accounts go towards the purchase of expensive jewelry.

“The criminals contact these jewelry stores, tell them what they’d like to buy, and promise they will wire the money the next day. So the next day, a person involved in the money laundering aspect of the crime—called a “money mule”—comes into the store to pick up the merchandise. After verifying that the money is in the store’s account, the jewelry is turned over to the mule, who then gives the items to the organizers of the scheme or converts them for cash and uses money transfer services to launder the funds.”

The moral of the story: Don’t open emails that you were not expecting. If you do open them, don’t open attachments or click on links. If you do open attachments or click on links, make sure your security software is fully updated to catch the malware before it infects your computer. If you do get infected, call INVISUS and have one of our trained and certified technicians remove all infections and get your computer running like new again.
