NCCU/Europol shuts down RAMNIT Botnet
Feb 25, 2015 - "... In partnership with Europol and local law enforcement units in The Netherlands, Italy, and Germany, the National Cyber Crime Unit (NCUU) shut down command and control servers used by a network of infected computers. The botnet, named RAMNIT, spread malware through what appeared to be trustworthy links sent via phishing emails or social networking sites. One click of the seemingly harmless URL by Windows users, and the malware would be installed. Computers would then be under the control of criminals, allowing the hackers to access personal information, steal passwords, and disable antivirus protection... National Crime Agency investigators believe RAMNIT could have contaminated more than 3 million computers worldwide — 33,000 of which are in the U.K. According to the collected data, the botnet has, so far, been used mostly to siphon money from bank accounts. Microsoft knew something was up when it noticed a spike in computer infections. The company alerted Europol, which teamed up with the Joint Cybercrime Action Taskforce (J-CAT) to take down RAMNIT. Launched in the fall as a six-month pilot program, the J-CAT taskforce will continue its efforts to combat cyber crime, working with agencies across Europe, Canada, and the U.S. to share intelligence..."
Feb 25, 2015 - "... The NCA is now advising people to check whether their computer has been infected by downloading specialist disinfection software, which is available free of charge at CyberStreetWise* or GetSafeOnline**. The disinfection tools will identify whether a computer has been infected and, if so, disinfect it. The tool will cause no harm if used on computers that have not been infected. Those whose computers have been affected should then change passwords on banking, email, social media and other potentially sensitive online accounts..."
25 Feb 2015
Ramnit infections by region:
Edited by AplusWebMaster, 26 February 2015 - 07:48 AM.