Endpoint Protection

 View Only
  • 1.  Game Over Zeus variant found 07/10/14

    Posted Jul 11, 2014 10:41 AM

    When will Symantec have virus definitions available to protect against the Game Over Zeus variant outlined in the following blog article:

    http://blog.malcovery.com/blog/breaking-gameover-zeus-returns?utm_campaign=Gameover+Zeus+Return&utm_source=hs_email&utm_medium=email&utm_content=13437848&_hsenc=p2ANqtz---FRHE6hHt0E6_5ZcoZgVJJWpxELsDzjKRsH4mPBla2W22gp7r3j3kV0OzKyefY88zdIjynDpBWBKF0jOLm68WSE7BKg&_hsmi=13437848



  • 2.  RE: Game Over Zeus variant found 07/10/14

    Posted Jul 11, 2014 10:42 AM

    I haven't seen anything specific to it yet, but I would imagine very soon. Do you have a sample you can submit to verify?

    Also, do you have IPS/firewall enabled? These will add layers of protection.

    Updates should show here:

    http://www.symantec.com/security_response/definitions/certified/



  • 3.  RE: Game Over Zeus variant found 07/10/14

    Posted Jul 11, 2014 11:01 AM

    Hi Brian.  Thanks for the reply.  I do not have a sample at the moment, but the MD5 hash is 5e5e46145409fb4a5c8a004217eef836  One of my customers is worried about the reintroduction of this malware because they apparently got hit with the original when it initially appeared.  Yes, we have IPS/firewall/inbound email/outbound email scanning/etc deployed in their environment but we want to make sure the endpoints are also protected in case the malware makes it past the other security points.  I will keep an eye out on the page you mentioned in your reply.  That page only shows what malware definitions are being "pushed out" in the current release, but does not show what malware definitions will be in future releases.  Is there a page like that somewhere that I can reference?  Thanks again!



  • 4.  RE: Game Over Zeus variant found 07/10/14

    Posted Jul 11, 2014 11:04 AM

    It doesn't show anything for future releases for defs.

    Aside from waiting for new defs, I know there are IPS defs that should stop it. However, I would expect defs soon.