The UK National Crime Agency (NCA) has issued a warning about a “significant strain of malware” that has enabled criminals to steal millions of pounds from UK bank accounts.
The stolen details are then exploited to steal money from individuals and businesses around the world.
Global financial institutions and a variety of different payment systems have been particularly targeted, with UK losses estimated at £20m.
The NCA said some private individuals may also have unwittingly become victims of the Dridex malware. The agency is encouraging all internet users to ensure they have up-to-date operating systems and antivirus software installed on their machines, to protect themselves from further cyber crime attacks.
Internet users are also urged to visit the CyberStreetWise and GetSafeOnline websites, where a number of antivirus tools are available to download to help clean up infected machines, along with advice and guidance on how to protect themselves in the future.
Anyone who thinks they have lost money through malware such as Dridex should report their concerns to Action Fraud and alert their respective banks, the NCA said.
Computers typically become infected with Dridex malware when users receive and open documents in seemingly legitimate emails.
The NCA said there could be thousands of infected computers in the UK, most of them belonging to Windows users.
Authorities act to counter Dridex threat
The National Crime Agency is acting to "sinkhole" the malware, stopping the network of infected computers – known as a botnet – from communicating with the cyber criminals controlling them. This activity is in conjunction with a US sinkhole operated by the FBI.
According to the NCA, the agency’s National Cyber Crime Unit (NCCU) has rendered a large portion of the botnets harmless and is now initiating remediation activity to safeguard victims.
This activity is part of a sustained and ongoing campaign targeting multiple versions of Dridex and the cyber criminals behind it, who operate in parts of the world that are hard to reach.
The FBI and the NCA – with the support of the European Cyber Crime Centre (EC3) and the Joint Cybercrime Action Taskforce (JCAT) at Europol, the Metropolitan Police Service, GCHQ, Cert-UK, Germany’s Federal Criminal Police Office (BKA), the Moldovan authorities and key private sector security partners – are developing and deploying techniques to safeguard victims and frustrate criminal networks.
“This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes,” said Mike Hulett, head of operations at the NCCU. “Our investigation is ongoing and we expect further arrests to be made.”