Europol shuts down Ramnit botnet that infected 3.2m PCs
Europol leads operation to knock five-year-old botnet out of action
The long-running Ramnit botnet, which is thought to have infected 3.2 million Windows computers, has been shutdown, thanks to the combined efforts of Europol and the vendor community.
The botnet is thought to have been operational since at least 2010, and has previously been implicated in the theft of tens of thousands of Facebook logins and online banking details.
Its malware is reportedly spread by infecting executable files stored on PC hard drives with copies of itself, as its operators sought to build their botnet.
According to a Microsoft blog post about Ramnit, dating back to 2013, with the botnet in place, the people behind it reportedly turned their attention to using it to carry out dastardly deeds during 2012.
These include stealing online banking logins, passwords, cookies and users' personal information.
The botnet has now been brought to its knees with the help of a cross-continent investigative effort involving teams from Germany, Italy, the Netherlands and the UK working with Europol's European Cybercrime Centre (EC3), as well as representatives from Microsoft, Symantec and AnubisNetworks.
In a blog post by Symantec, published earlier today, the anti-virus vendor confirmed their collective work had resulted in a number of servers owned by the cyber criminals behind Ramnit being seized, along with other parts of their computing infrastructure.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
The company has also released a tool, accessible here, for anyone concerned their PC may have been infected by Ramnit.
Wil van Gemert, deputy director of operations at Europol, said: "This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime.
"We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes.
"Together with the EU member states and partners around the globe, our aim is to protect people around the world against these criminal activities."
Caroline Donnelly was the news and analysis editor of IT Pro. Previously, she worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.
-
ITPro is 20!We take a look back on the past two decades since ITPro launched...
-
Cyber experts issue alert after two ransomware groups team up on ‘unprecedented’ threat campaignNews The tie-up includes a new model of industrialized ransomware deployment that significantly lowers the barrier to entry for cyber crime
-
Businesses warned to protect against growing mobile security threatsNews Symantec analyses Android and iOS mobile platforms for businesses to give organisations security guidance as to how to adapt security policies and procedures.
-
Pharmacy spammers abuse Google’s good nameNews Spammers are manipulating Google's logo to make it look as though the search giant has accredited a supposed online pharmacy.
-
App stores: A security time bomb?News With more and more app stores popping up, are we about to see a significant rise in threats within these virtual stores?
-
Microsoft bites back at Google's Windows snubNews The software giant called Google’s move to ditch Windows ironic, claiming the company has its own security issues to deal with.
-
Slight relief for IT admins with ‘lighter’ Patch TuesdayNews After the mega patch in October, this month sees less problems for Microsoft to fix.
-
New Mac trojan disguises itself like Space InvadersNews Video games, malware and Macs clash head on with a new trojan that runs a game which deletes files by killing aliens.
-
Pirated copies of Apple iWork 09 infected by TrojanNews More than 20,000 Mac users have already downloaded a version of iWork containing a Trojan which can give control to cybercriminals.
-
New software certification to stem vulnerabilitiesNews Security education group looks at new certification which will make sure software developers are doing the right things to keep out the bugs.