£20($30) million stolen from British bank accounts in malware attack

Law enforcement agencies with the help of several cybersecurity firms took control of a botnet network of machines that distributed malicious software known as “Bugat,” “Cridex” or “Dridex. The Dridex malware was used by cyber criminals to steal some £20 million ($30 million) from UK bank accounts according to the National Crime Agency (NCA).

NCA has issued issued a warning Internet users especially those from United Kingdom to protect themselves against the Dridex and said that they are chasing down the “technically skilled” cyber criminals.According to NCA this malware preyed on unsuspecting people by slipping into their computers, stealing passwords and siphoning money from bank accounts. For distribution, it relied on a network of enslaved computers. Experts say the botnet infected maybe 125,000 computers a year.Separately, the U.S. Department of Justice also filed criminal charges against Andrey Ghinkul, a 30-year-old man who is believed to have been the hacker at the helm of the operation. Ghinkul was recently arrested in Cyprus, and American prosecutors are seeking to have him extradited to stand trial in the United States.U.S. Attorney David J. Hickton of Pennsylvania said: “We have struck a blow to one of the most pernicious malware threats in the world.”According to the indictment, Ghinkul’s high tech cyber crimes have been going on for years now. Investigators believe Ghinkul and others sent official-looking spam that tricked people to open poisonous email attachments. Using that method, they were able to steal $3.5 million from Penneco Oil in Pennsylvania in 2012 and send that to bank accounts in Belarus and Ukraine, according to the indictment.

Bugat evolved over the years into smarter and more capable versions. Researchers called later it Cridex, then eventually Dridex. The massive botnet distribution system — the one that was just shut down — made Dridex the most popular malware bombarding corporate computer networks. If work email got hit with spam, it’s likely much of it was Dridex.

Security researchers have been collaborating with the law enforcement agencies for this operation.  Researchers from Proofpoint said that the hackers sent out waves of up to 350,000 Dridex-laced spam emails every day, while, researchers at Dell SecureWorks started working on a project to disrupt the monstrous botnet. It teamed up with law enforcement, and received legal permission to hack the botnet, according to the company.

In United Kingdom, Mike Hulett from the NCA said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes.

“Our investigation is ongoing and we expect further arrests to made.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here