NCA warns UK of serious cyber attack on financial companies

Hackers target global financial institutions and payment systems with Dridex malware, with UK losses estimated at £20m, warns the National Crime Agency (NCA).

The UK National Crime Agency (NCA) has issued a warning about a “significant strain of malware” that has enabled criminals to steal millions of pounds from UK bank accounts.

Dridex malware – also known as Bugat and Cridex – is believed to have been developed by technically skilled cyber criminals in eastern Europe to harvest online banking details.

The stolen details are then exploited to steal money from individuals and businesses around the world.

Global financial institutions and a variety of different payment systems have been particularly targeted, with UK losses estimated at £20m.

The NCA said some private individuals may also have unwittingly become victims of the Dridex malware. The agency is encouraging all internet users to ensure they have up-to-date operating systems and antivirus software installed on their machines, to protect themselves from further cyber crime attacks.

Internet users are also urged to visit the CyberStreetWise and GetSafeOnline websites where a number of antivirus tools are available to download to help clean up infected machines and get advice and guidance on how to protect themselves in the future.

Anyone who thinks they have lost money through malware such as Dridex should report their concerns to Action Fraud and alert their respective banks, the NCA said.

Computers typically become infected with Dridex malware when users receive and open documents in seemingly legitimate emails.

The NCA said there could be thousands of infected computers in the UK, most belonging to Windows users.

Authorities act to counter Dridex threat

The National Crime Agency is acting to "sinkhole" the malware, stopping infected computers – known as a botnet – from communicating with the cyber criminals controlling them. This activity is in conjunction with a US sinkhole operated by the FBI.

According to the NCA, the agency’s National Cyber Crime Unit (NCCU) has rendered a large portion of the botnets harmless and is now initiating remediation activity to safeguard victims.

This activity is part of a sustained and ongoing campaign targeting multiple versions of Dridex and the cyber criminals behind it, who operate in parts of the world that are hard to reach.

The FBI and the NCA – with the support of the European Cyber Crime Centre (EC3) and the Joint Cybercrime Action Taskforce (JCAT) at Europol, the Metropolitan Police Service, GCHQ, Cert-UK, Germany’s Federal Criminal Police Office (BKA), the Moldovan authorities and key private sector security partners – are developing and deploying techniques to safeguard victims and frustrate criminal networks.

“This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes,” said Mike Hulett, head of operations at the NCCU. “Our investigation is ongoing and we expect further arrests to be made.”
