
Washington - Internet users have been urged to run checks to protect themselves from the global cybercrime botnet after the US charged a Russian man with being behind the operation, which has affected individuals and businesses worldwide.
Evgeniy Bogachev, said to be known as "lucky12345" and "slavik", is accused of being involved in attacks on more than a million computers.
The charges came as authorities seized control of a botnet used to steal personal and financial data.
In a press conference yesterday, the US Department of Justice said it believed Mr Bogachev was last known to be residing in Anapa, Russia. Cooperation with Russian authorities had been "productive", a spokesman added.
In an entry added to the FBI's Cyber Most Wanted list, it stated: "He is known to enjoy boating and may travel to locations along the Black Sea in his boat."
His charges, filed in a court in Pittsburgh, included conspiracy, wire, bank and computer fraud, and money laundering.
The UK's National Crime Agency (NCA) said people probably had "two weeks" before the criminals would get the botnet functioning again, and posted advice on how to best protect computers.
Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. The first notices were sent out on Monday, correspondents say.
Advice from Get Safe Online
Install internet security software from companies listed on Get Safe Online's Facebook and Google+ profiles to download a free tool to scan for Gameover Zeus and CryptoLocker, and remove them from your computer
Do not open attachments in emails unless you are 100% certain that they are authentic
Make sure your internet security software is up-to-date and switched on at all times
Make sure your Windows operating system has the latest Microsoft updates applied
Make sure your software programs have the latest manufacturers' updates applied
Make sure all of your files including documents, photos, music and bookmarks are backed up and readily available in case you are no longer able to access them on your computer
Never store passwords on your computer in case they are accessed by Gameover Zeus or another aggressive malware program
The action related to a strain of malware - meaning malicious software - known as Gameover Zeus.
Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate - such as a bank - when in fact it is designed to trick a person into downloading malicious software.
Once installed on a victim's machine, Gameover Zeus will search specifically for files containing financial information.
If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install CryptoLocker - a ransomware program that locks a person's machine until a fee is paid.
The FBI said Gameover Zeus could be responsible for "financial losses in the hundreds of millions of dollars".
Hi-tech crime terms
Bot - one of the individual computers in a botnet; bots are also called drones or zombies
Botnet - a network of hijacked home computers, typically controlled by a criminal gang
Malware - an abbreviation for malicious software ie a virus, Trojan or worm that infects a PC
Ransomware - like malware, but once in control it demands a fee to unlock a PC
"This is because the UK's NCA has taken temporary control of the communications used to connect with infected computers, but expects only a very limited window of opportunity to ensure you are protected."
Technical problems caused some users to become unable to access the Get Safe Online website on Monday afternoon.
A spokesman said: "We have been overwhelmed by the interest of those trying to take action to protect themselves by visiting our page.
"We are sorry about this and are working very hard to make the page available as quickly as possible. In the meantime, the advice can be accessed via our Facebook and Google+ pages."
More detailed information on the threat was published by the US Computer Emergency Readiness Team (Cert).
Following a slew of high-profile hack attacks in recent weeks - including eBay, Spotify and shoe retailer Office - security expert Rik Ferguson raised concerns that computer users might be suffering from "notification fatigue".
However, he stressed that this operation was more targeted, and should not be ignored.
"I think one of the things that is really critical with this operation is that if people are infected, it's going to be completely invisible to them," the Trend Micro security researcher said.
"One of the strengths of this operation is not only that it involved organisations around the world, but that it involved the ISPs as well.
"The ISPs will go out and proactively notify any of their customers who are infected."
He suggested that machines known to be infected by serious malware should be placed in a quarantined environment until the threat was removed.(FA)

