The National Crime Agency (NCA) and other European crime agencies have shut down servers used by a botnet targeting personal banking information. One of the servers was found to be in Gosport in Hampshire.
Ramnit, as the botnet is known, has largely been used to attempt to take money from bank accounts. It has infected tens of thousands of computers in the UK. It was spread through links sent out on phishing emails or social networking websites. Users running Windows operating systems (OS) that clicked on the links have been infected.
“Infected computers would then be under the control of criminals, enabling them to access personal or banking information, steal passwords and disable antivirus protection,” said the NCA.
Read more about Ramnit
- The Ramnit worm now supports man-in-the-middle attacks, giving cyber criminals the ability to drain a victim’s bank account.
- Researchers at security firm Seculert have discovered a cache of 45,000 Facebook login credentials tied to the Ramnit worm
- Cyber criminals are stepping up their use of social engineering techniques to bypass increasingly security-aware users of online banking and e-commerce sites, according to security firm Trusteer.
Ramnit controls 33,000 UK PCs
Investigators think Ramnit has infected three million computers worldwide, with around 33,000 in the UK.
The NCA is now advising people to check whether their computer has been infected. by downloading specialist disinfection software.
Steve Pye at the NCA’s National Cyber Crime Unit said the operation is disrupting a cyber-crime threat which has left thousands of ordinary computer users in the UK at the risk of having their privacy and personal information compromised.
“This malware effectively gives criminals a back door so they can take control of your computer, access your images, passwords or personal data and even use it to circulate further spam messages or launch illegal attacks on other websites.
“As a result of this action, the UK is safer from Ramnit, but it is important that individuals take action now to disinfect their machines, and protect their personal information.”
Europol was alerted to Ramnit by Microsoft, after data analysis showed a big increase in infections.