It Took Police Three Years to Fully Shut Down a Money-Stealing Botnet

By Jamie Condliffe on at

Back in 2012 the Ramnit worm wriggled its way through social networks and onto the computers of over three million computers, and began to steal sensitive information like bank account details. Now, almost three years later, police have announced that the botnet behind the scourge has been fully shut down.

Ramnit generally made its way onto Windows computers via email and links sent over social media. While it granted access to a range of sensitive data, it was mainly used by criminal hackers to secure banking data which was used to steal funds from accounts. The US, India and Bangladesh were hit particularly hard. Our own National Crime Agency, working with police forces across Europe, have shut down the master servers running the botnet, along with over 300 IP address used by criminals in association with Ramnit.

Having the shut the botnet down, the worm that spread it still persists—and removing it from computers isn't hugely straightforward—not least because it disables antivirus software and re-installs itself on deletion. If you worry that you might still be affected by the worm, you can download software to detect and disinfect the virus here. [BBC]

Image by Tom B under Creative Commons license