A global police operation has severely dented the impact of a malware strain that is thought to have cost Brits in the region of £20 million.
Dridex (sometimes referred to as Bugat or Cridex) spread to computers around the world through spam emails. Once a computer was infected, the malware would sit idle until the user loaded an online banking site, at which point it would swap in a login form connected to criminal infrastructure.
Armed with usernames and passwords, the criminals could then siphon off money, with estimates suggesting they could have made £20 million from UK account holders alone.
Good cop ‘Evil Corp’
The Dridex game looks to be up, though, thanks to a joint operation by the National Crime Agency (NCA), Spamhaus, GCHQ, the Metropolitan Police and the FBI – among others. They created sinkhole operations to poison the Dridex peer-to-peer network, effectively cutting off victims’ PCs from botnet masters. This was in addition to the arrest of the Dridex botnet administrator, Andrey Ghinkul, in Cyprus back in August.
Whilst the reach of Dridex could be huge, the public need not be too worried about whether they’re infected. Businesses, on the other hand, have more cause for concern. Evil Corp, which is behind the malware, focused more on companies than individuals. Furthermore, Ghinkul’s arrest brought about an immediate stop to Dridex’s spread.
That said, the malware still exists, so it could be appropriated by other criminal groups operating their own botnets.
As always, Windows users are advised to keep their computers safe with up-to-date antivirus software. Word or Excel attachments from unknown sources should also be treated with caution, and Microsoft Office macros should be disabled, or at least set to request permission. For further information on keeping your business safe from threats, speak to your IT support provider.
Head of operations at the NCA’s National Cyber Crime Unit, Mike Hulett, commented: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes.
“Our investigation is ongoing and we expect further arrests to be made.”