Europol shuts down Ramnit botnet that infected 3.2m PCs

Europol leads operation to knock five-year-old botnet out of action

botnet

The long-running Ramnit botnet, which is thought to have infected 3.2 million Windows computers, has been shutdown, thanks to the combined efforts of Europol and the vendor community.

The botnet is thought to have been operational since at least 2010, and has previously been implicated in the theft of tens of thousands of Facebook logins and online banking details.

Its malware is reportedly spread by infecting executable files stored on PC hard drives with copies of itself, as its operators sought to build their botnet.

According to a Microsoft blog post about Ramnit, dating back to 2013, with the botnet in place, the people behind it reportedly turned their attention to using it to carry out dastardly deeds during 2012.

These include stealing online banking logins, passwords, cookies and users' personal information.

The botnet has now been brought to its knees with the help of a cross-continent investigative effort involving teams from Germany, Italy, the Netherlands and the UK working with Europol's European Cybercrime Centre (EC3), as well as representatives from Microsoft, Symantec and AnubisNetworks.

In a blog post by Symantec, published earlier today, the anti-virus vendor confirmed their collective work had resulted in a number of servers owned by the cyber criminals behind Ramnit being seized, along with other parts of their computing infrastructure.

The company has also released a tool, accessible here, for anyone concerned their PC may have been infected by Ramnit.

Wil van Gemert, deputy director of operations at Europol, said: "This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime.

"We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes.

"Together with the EU member states and partners around the globe, our aim is to protect people around the world against these criminal activities."

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Recommended

Colonial Pipeline reportedly paid $5 million ransom
Security

Colonial Pipeline reportedly paid $5 million ransom

13 May 2021
Report finds ransomware hitting manufacturers hardest
hacking

Report finds ransomware hitting manufacturers hardest

13 May 2021
Over two-thirds of companies still run software with WannaCry flaw
WannaCry

Over two-thirds of companies still run software with WannaCry flaw

12 May 2021
IT researcher finds widespread flaws in Wi-Fi security
wifi & hotspots

IT researcher finds widespread flaws in Wi-Fi security

12 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell XPS 17 (2021) review: A big laptop for big jobs
Laptops

Dell XPS 17 (2021) review: A big laptop for big jobs

10 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021