Tips to avoid being a victim of a botnet
Posted by: Timothy Weaver on 06/03/2014 03:06 PM [ Comments ]
In an effort dubbed “Operation Tovar", the U.S. Department of Justice announced today that the Gameover Zeus (GOZ) botnet has been taken down.
The take down was the result of a multinational effort between government agencies, law enforcement, and private companies to shut down the massive botnet. It was estimated that the botnet was responsible for more than $100 million in losses for victims.
Adam Meyers, VP of intelligence at CrowdStrike, said: “Over 500,000 infected machines were effectively disconnected from criminal control. The actors behind GOZ and Cryptolocker, which were both impacted by the recent actions, have done significant damage against unsuspecting victims.”
The following is some advice to avoid being a victim:
• Block email attachments containing executable files or ZIP files with executable files like EXE and SCR.
• Use vulnerability mitigation software to make up for unpatched software and avoid getting hit by exploit kits. The Microsoft Enhanced Mitigation Experience Toolkit (EMET) has a proven track record of protecting from attacks—including rare zero-days—before software patches are even available. Also, EMET can be managed in corporate environments using Group Policies.
• Install antivirus software. Although not perfect, antivirus software can still catch a large percentage of malware and reduce noise. Free antivirus software such as Microsoft Security Essentials or AVG Free are just as good as commercial offerings, so don’t feel like you have to pay money to get a good product.
Adam Meyers, VP of intelligence at CrowdStrike, said: “Over 500,000 infected machines were effectively disconnected from criminal control. The actors behind GOZ and Cryptolocker, which were both impacted by the recent actions, have done significant damage against unsuspecting victims.”
The following is some advice to avoid being a victim:
• Block email attachments containing executable files or ZIP files with executable files like EXE and SCR.
• Use vulnerability mitigation software to make up for unpatched software and avoid getting hit by exploit kits. The Microsoft Enhanced Mitigation Experience Toolkit (EMET) has a proven track record of protecting from attacks—including rare zero-days—before software patches are even available. Also, EMET can be managed in corporate environments using Group Policies.
• Install antivirus software. Although not perfect, antivirus software can still catch a large percentage of malware and reduce noise. Free antivirus software such as Microsoft Security Essentials or AVG Free are just as good as commercial offerings, so don’t feel like you have to pay money to get a good product.
Comments