Cyberattack: Millions Stolen From UK Bank Accounts

Uploaded on 2015-10-23 in TECHNOLOGY--Hackers, NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

Computers become infected with the virus when users receive and open documents in seemingly legitimate emails. The National Crime Agency (NCA) is asking members of the public to be aware of a serious strain of malicious software (malware) ‘Dridex’, which is being used by criminals to access online banking details and steal money. 

The malware, developed by cyber criminals in Eastern Europe, has been used to target individuals and businesses around the world. Computers become infected when users unknowingly download the malware by opening an email attachment or clicking on a link.   

Law enforcement officials are hunting cyber attackers who have pulled off a series of Internet “heists” on British bank accounts worth at least £20m. British government ministers have been informed and the law enforcement effort involves the United Kingdom’s top-secret electronic security centre at GCHQ, as well as the UK’s national Computer Emergency Response Team (CERT), which was set up in 2014.

In the US the FBI is involved, while in Europe the police agency Europol is also helping to investigate, as well as law enforcement in Germany and Moldova where it is believed the attackers may have links to.

The virus or malware, known as Dridex, may be responsible for worldwide losses of $100m so far. The cyber criminals have used malware to gain access to people’s personal computers. The virus records the login and password details used to access internet banking services and passes it back to the attackers who then use the information to steal from bank accounts.

In the UK the National Crime Agency fears it could be one of the worst cyber-attacks they have seen. Public estimates of the losses are described as “conservative”, a NCA spokesperson said.
The NCA added: “Computers become infected with Dridex malware when users receive and open documents in seemingly legitimate emails. The NCA assesses there could be thousands of infected computers in the UK, the majority being Windows users.”

The virus so far is not believed to have infected smartphones. People are being told they can best protect themselves by boosting their computer security.
 
Mike Hulett, NCA spokesman, said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to made.”

At least one arrest has been made, last month, and recently the US department of justice gave details of the arrest. It said: “Andrey Ghinkul, aka Andrei Ghincul and Smilex, 30, of Moldova, was charged in a nine-count indictment unsealed in the western district of Pennsylvania with criminal conspiracy, unauthorised computer access with intent to defraud, damaging a computer, wire fraud and bank fraud. Ghinkul was arrested on 28 August 2015 in Cyprus. The US is seeking his extradition.”
Attacks from the virus had stopped but are now feared by law enforcement to have restarted.

The NCA said that Dridex, known also as Bugat and Cridex, was created by “technically skilled cyber criminals in eastern Europe to harvest online banking details, which are then exploited to steal money from individuals and businesses around the world. Global financial institutions and a variety of different payment systems have been particularly targeted.”

FBI executive assistant director Robert Anderson: “Those who commit cyber crime are very often highly skilled and can be operating from different countries and continents. They can and will deploy new malware and we, along with our partners, are alive to this threat and are constantly devising new approaches to tackle cyber crime.
“We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails.”

Law enforcement cyber experts are trying to stop the malware sending money to accounts controlled by the criminals. 

The NCA said: “Users are urged to visit the CyberStreetWise and GetSafeOnline websites where a number of anti-virus tools are available to download to help clean up infected machines and get advice and guidance on how to protect themselves in the future.”

Guardian      Cybersreetwise

 

 

 

 

 

« Australia Begins Mass Data Retention
IBM's Watson Analytics - New Data Discovery »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Academy - University of Southampton

Cyber Security Academy - University of Southampton

An industry/University partnership established to advance cyber security through world class research, teaching excellence, industrial expertise and training capacity.

Code Dx

Code Dx

Code Dx is a software application vulnerability correlation and management system.

KFSensor

KFSensor

KFSensor is an advanced 'honeypot' intrusion and insider threat detection system for Windows networks.

PakCERT

PakCERT

PakCERT is the national Computer Emergency Response Team for Pakistan.

Siscon

Siscon

Siscon provide consulting and solutions for data and information security in Scandinavia.

ITC Secure Networking

ITC Secure Networking

ITC are a leading cloud-based MSSP delivering service innovation in cyber security analytics & cloud technology.

Bounga Informatics

Bounga Informatics

Bounga Informatics provides Digital Forensics, E-Discovery, and Endpoint Security software, hardware, and training in Singapore and other countries in Asia Pacific.

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

Cyber Intelligence (CI)

Cyber Intelligence (CI)

Cyber Intelligence is an award winning 'MSC status' cyber security education and training company.

Protocol 46

Protocol 46

Prortocol 46 deliver an affordable, simple, holistic cyber security solution, enabling customers to understand and mitigate cyber risk.

BlueFiles

BlueFiles

BlueFiles enables users to send encrypted files securely while maintaining full control over recipients, access periods, downloads, and printing.

NewGens

NewGens

NewGens is a solution and service provider to banking institutions in the APAC region. Areas of expertise include cybersecurity, AML, fruad prevention, compliance and risk management.

About Cyber Security.

About Cyber Security.

About Cybersecurity provides a galaxy-wide knowledge base of cybersecurity tactics and techniques derived from actual experience.

LogMeIn

LogMeIn

LogMeIn makes it possible for millions of people and businesses around the globe to do their best work simply and securely—on any device, from any location and at any time.

GovernmentCIO

GovernmentCIO

GovernmentCIO was founded with a single purpose: to transform government IT. We are thought leaders in data analytics, machine learning, cybersecurity and IT transformation.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.