2,000 users in S’pore hit by GOZ, CryptoLocker malware

SINGAPORE — The Infocomm Development Authority of Singapore (IDA) confirmed yesterday that 2,000 usershere had been affected by the Gameover Zeus (GOZ) and CryptoLocker malware, which had hit users worldwide.

An IDA spokesperson said: “The United States authorities found 2,000 affected users in Singapore and informed SingCERT (Singapore Computer Emergency Response Team), which is working with local Internet service providers to notify them.

“So far, no government e-services have been affected. We will continue to strengthen all government websites and e-services by taking the necessary security measures, such as checking and fixing vulnerabilities and patching software,” added the spokesperson.

GOZ and CryptoLocker encrypt a user’s information and demand a ransom from him in order to decrypt files. Systems infected can be used to send spam, participate in distributed denial-of-service attacks or cause users to lose sensitive information.

A Sky News report on June 3 cited the United Kingdom National Crime Agency as saying the GOZ botnet could be up in two weeks and urged people to protect their computers from an expected “powerful computer attack”. More than 15,000 people in the UK are thought to have been hit by the malware. The US leads the pack among the top six nations affected by GOZ: 13 per cent of incidents are from there, followed by Italy (12 per cent), the UAE (8 per cent), Japan and the UK (7 per cent) and India (5 per cent).

On Wednesday, SingCERT identified the following systems to be affected by the malware: Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7 and 8, as well as Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012. SingCERT advised affected users to scan their computers with an updated anti-malware solution to remove GOZ and other malware, change all user names and passwords and back up files regularly.

The US Computer Emergency Readiness Team posted an alert on its website on June 2, declaring a multi-national effort that disrupted the GOZ botnet — a global network of infected computers used by criminals to steal money from firms and consumers.

“GOZ’s decentralised, peer-to-peer structure differentiates it from earlier Zeus variants. Researchers estimate that between 500,000 and 1 million computers worldwide have been infected with GOZ, which the FBI estimates is responsible for more than US$100 million (S$125 million) in losses,” said US Department of Justice. KEVIN KWANG