National Crime Agency disables Ramnit bank-robbing botnet

The National Crime Agency (NCA) has shut down servers used by the Ramnit botnet to target and steal money from bank accounts

The National Crime Agency (NCA) and other European crime agencies have shut down servers used by a botnet targeting personal banking information. One of the servers was found to be in Gosport in Hampshire.

Ramnit, as the botnet is known, has largely been used to attempt to take money from bank accounts. It has infected tens of thousands of computers in the UK. It was spread through links sent out on phishing emails or social networking websites. Users running Windows operating systems (OS) that clicked on the links have been infected.

“Infected computers would then be under the control of criminals, enabling them to access personal or banking information, steal passwords and disable antivirus protection,” said the NCA.

Read more about Ramnit

Ramnit controls 33,000 UK PCs

Investigators think Ramnit has infected three million computers worldwide, with around 33,000 in the UK.

The NCA is now advising people to check whether their computer has been infected. by downloading specialist disinfection software.

Steve Pye at the NCA’s National Cyber Crime Unit said the operation is disrupting a cyber-crime threat which has left thousands of ordinary computer users in the UK at the risk of having their privacy and personal information compromised.

“This malware effectively gives criminals a back door so they can take control of your computer, access your images, passwords or personal data and even use it to circulate further spam messages or launch illegal attacks on other websites.

“As a result of this action, the UK is safer from Ramnit, but it is important that individuals take action now to disinfect their machines, and protect their personal information.”

Europol was alerted to Ramnit by Microsoft, after data analysis showed a big increase in infections.

Read more on IT for financial services