Cyberattack: Millions Stolen From UK Bank Accounts

Computers become infected with the virus when users receive and open documents in seemingly legitimate emails. The National Crime Agency (NCA) is asking members of the public to be aware of a serious strain of malicious software (malware) ‘Dridex’, which is being used by criminals to access online banking details and steal money. 

The malware, developed by cyber criminals in Eastern Europe, has been used to target individuals and businesses around the world. Computers become infected when users unknowingly download the malware by opening an email attachment or clicking on a link.   

Law enforcement officials are hunting cyber attackers who have pulled off a series of Internet “heists” on British bank accounts worth at least £20m. British government ministers have been informed and the law enforcement effort involves the United Kingdom’s top-secret electronic security centre at GCHQ, as well as the UK’s national Computer Emergency Response Team (CERT), which was set up in 2014.

In the US the FBI is involved, while in Europe the police agency Europol is also helping to investigate, as well as law enforcement in Germany and Moldova where it is believed the attackers may have links to.

The virus or malware, known as Dridex, may be responsible for worldwide losses of $100m so far. The cyber criminals have used malware to gain access to people’s personal computers. The virus records the login and password details used to access internet banking services and passes it back to the attackers who then use the information to steal from bank accounts.

In the UK the National Crime Agency fears it could be one of the worst cyber-attacks they have seen. Public estimates of the losses are described as “conservative”, a NCA spokesperson said.
The NCA added: “Computers become infected with Dridex malware when users receive and open documents in seemingly legitimate emails. The NCA assesses there could be thousands of infected computers in the UK, the majority being Windows users.”

The virus so far is not believed to have infected smartphones. People are being told they can best protect themselves by boosting their computer security.
 
Mike Hulett, NCA spokesman, said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to made.”

At least one arrest has been made, last month, and recently the US department of justice gave details of the arrest. It said: “Andrey Ghinkul, aka Andrei Ghincul and Smilex, 30, of Moldova, was charged in a nine-count indictment unsealed in the western district of Pennsylvania with criminal conspiracy, unauthorised computer access with intent to defraud, damaging a computer, wire fraud and bank fraud. Ghinkul was arrested on 28 August 2015 in Cyprus. The US is seeking his extradition.”
Attacks from the virus had stopped but are now feared by law enforcement to have restarted.

The NCA said that Dridex, known also as Bugat and Cridex, was created by “technically skilled cyber criminals in eastern Europe to harvest online banking details, which are then exploited to steal money from individuals and businesses around the world. Global financial institutions and a variety of different payment systems have been particularly targeted.”

FBI executive assistant director Robert Anderson: “Those who commit cyber crime are very often highly skilled and can be operating from different countries and continents. They can and will deploy new malware and we, along with our partners, are alive to this threat and are constantly devising new approaches to tackle cyber crime.
“We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails.”

Law enforcement cyber experts are trying to stop the malware sending money to accounts controlled by the criminals. 

The NCA said: “Users are urged to visit the CyberStreetWise and GetSafeOnline websites where a number of anti-virus tools are available to download to help clean up infected machines and get advice and guidance on how to protect themselves in the future.”

Guardian      Cybersreetwise

 

 

 

 

 

« Australia Begins Mass Data Retention
IBM's Watson Analytics - New Data Discovery »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

Varonis

Varonis

Varonis provide a security software platform to let organizations track, visualize, analyze and protect their unstructured data.

Infiltrate

Infiltrate

INFILTRATE is a deep technical conference that focuses entirely on offensive security issues.

Global Learning Systems (GLS)

Global Learning Systems (GLS)

Global Learning Systems provides security awareness and compliance training programs for employees that effectively promote behavior change and protect your organization.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

North American Electric Reliability Corporation (NERC)

North American Electric Reliability Corporation (NERC)

NERC is a not-for-profit international regulatory authority whose mission is to assure the reliability and security of the bulk power system in North America.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

ResponSight

ResponSight

ResponSight is a data science company focusing specifically on the challenge of measuring risk and identifying changes in enterprise/corporate networks using behavioural analytics.

iFluids Engineering

iFluids Engineering

iFluids Engineering is a leading engineering consulting and risk management firm providing a full range of services including Cyber Security for Industrial Control Systems.

eCosCentric

eCosCentric

eCosCentric provides software development solutions for the IoT, M2M & embedded systems market.

TAG Cyber

TAG Cyber

TAG Cyber's mission is to provide world-class cyber security research, advisory, and consulting services to enterprise security teams around the world.

ChaosSearch

ChaosSearch

ChaosSearch is a massively scalable ELK-compatible log analysis platform delivered as a fully managed service with high-performance and low cost.

NewAE Technology

NewAE Technology

NewAE Technology is revolutionizing the hardware security market by making every engineer and designer aware of side-channel power analysis and glitching as important attack vectors.

Nine23

Nine23

Nine23 are a highly focused cyber security solutions company that defines, builds and manages innovative services, enabling end-users to use technology securely in today’s workplace.

Cyber Suraksa

Cyber Suraksa

We make security simple and hassle-free by offering a sustained and secure IT environment with next-gen cybersecurity solutions through a scalable security-as-a-service model.