By Courtney Trenwith
Emirates is the third highest country hit by damaging Gameover Zeus virus which that has stolen millions of dollars
The UAE is the third most targeted country in the world by a damaging cyber virus that has hit up to one million computers and resulted in tens of millions of dollars being stolen, according to Australian experts at cyber security company Symantec.
Gameover Zeus has infected an estimated 40,000 to 80,000 computers in the UAE, according to calculations based on Symantec data that shows eight percent of all computers affected by the malware are in the Gulf state.
Experts told the Daily Telegraph, Gameover Zeus is sophisticated and capable of evading anti-virus software, infecting a user's machine when they open a PDF or click on a link in an email.
Once on the computer, Gameover Zeus can intercept financial transactions and rewrite them so that payments are redirected into other accounts.
Even more astonishing, the malware also has the power to disguise unapproved payments so that account statements appear normal.
The US and Italy – with 13 percent and 12 percent, respectively – have been hit the hardest. About seven percent of infections have been on computers in the UK, according to Symantec.
The malware is so sophisticated international police have shut it down three times – including this week - since it emerged in 2011. However, the virus has continued to reinvent itself.
The FBI reportedly said computer users have two weeks from the latest shutdown to clean up their hard drives and install new anti-virus software before Gameover Zeus will be operational again.
It has been so difficult to shut down because it uses peer-to-peer software, meaning that even if the main server is shut down infected computers can continue to communicate with one another and continue operating, the Daily Telegraph said. The malware also has the ability to evade anti-virus software.
Computers infected by Gameover Zeus often also harbour a separate malware, Cryptolocker, which comes into effect when the users’ financial records cannot be accessed by the initial virus.
The two pieces of malware have been traced to the same Eastern European network, the Daily Telegraph said.
Cryptolocker holds users to ransom, presently demanding one Bitcoin, an untraceable form of online currency worth about $500.
According to Symantec data, 3 percent of people affected by the Cryptolocker malware pay the ransom rather than lose their files and paying the ransom seems to be the only way for users to gain access to their files once they have been attacked.
“There's really no alternative to getting files back after the infection. There's not much we can do about it… without having the keys it's virtually impossible to decrypt the files,” Marcel Mascunan, marketing manager for Kroll Ontrack Asia Pacific, told the Daily Telegraph.
The US government has admitted that at least one police force has been forced to pay the ransom.
The US Justice Department has accused Russian man Evgeniy Mikhailovich Bogachev as being the leader of the gang behind the software.
It claims the gang has accumulated about $100m from ransoms.
Computer users have been warned to update their anti-virus software, change their passwords and monitor their accounts.For all the latest tech news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.