Cyberattack: Millions Stolen From UK Bank Accounts

Computers become infected with the virus when users receive and open documents in seemingly legitimate emails. The National Crime Agency (NCA) is asking members of the public to be aware of a serious strain of malicious software (malware) ‘Dridex’, which is being used by criminals to access online banking details and steal money. 

The malware, developed by cyber criminals in Eastern Europe, has been used to target individuals and businesses around the world. Computers become infected when users unknowingly download the malware by opening an email attachment or clicking on a link.   

Law enforcement officials are hunting cyber attackers who have pulled off a series of Internet “heists” on British bank accounts worth at least £20m. British government ministers have been informed and the law enforcement effort involves the United Kingdom’s top-secret electronic security centre at GCHQ, as well as the UK’s national Computer Emergency Response Team (CERT), which was set up in 2014.

In the US the FBI is involved, while in Europe the police agency Europol is also helping to investigate, as well as law enforcement in Germany and Moldova where it is believed the attackers may have links to.

The virus or malware, known as Dridex, may be responsible for worldwide losses of $100m so far. The cyber criminals have used malware to gain access to people’s personal computers. The virus records the login and password details used to access internet banking services and passes it back to the attackers who then use the information to steal from bank accounts.

In the UK the National Crime Agency fears it could be one of the worst cyber-attacks they have seen. Public estimates of the losses are described as “conservative”, a NCA spokesperson said.
The NCA added: “Computers become infected with Dridex malware when users receive and open documents in seemingly legitimate emails. The NCA assesses there could be thousands of infected computers in the UK, the majority being Windows users.”

The virus so far is not believed to have infected smartphones. People are being told they can best protect themselves by boosting their computer security.
 
Mike Hulett, NCA spokesman, said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to made.”

At least one arrest has been made, last month, and recently the US department of justice gave details of the arrest. It said: “Andrey Ghinkul, aka Andrei Ghincul and Smilex, 30, of Moldova, was charged in a nine-count indictment unsealed in the western district of Pennsylvania with criminal conspiracy, unauthorised computer access with intent to defraud, damaging a computer, wire fraud and bank fraud. Ghinkul was arrested on 28 August 2015 in Cyprus. The US is seeking his extradition.”
Attacks from the virus had stopped but are now feared by law enforcement to have restarted.

The NCA said that Dridex, known also as Bugat and Cridex, was created by “technically skilled cyber criminals in eastern Europe to harvest online banking details, which are then exploited to steal money from individuals and businesses around the world. Global financial institutions and a variety of different payment systems have been particularly targeted.”

FBI executive assistant director Robert Anderson: “Those who commit cyber crime are very often highly skilled and can be operating from different countries and continents. They can and will deploy new malware and we, along with our partners, are alive to this threat and are constantly devising new approaches to tackle cyber crime.
“We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails.”

Law enforcement cyber experts are trying to stop the malware sending money to accounts controlled by the criminals. 

The NCA said: “Users are urged to visit the CyberStreetWise and GetSafeOnline websites where a number of anti-virus tools are available to download to help clean up infected machines and get advice and guidance on how to protect themselves in the future.”

Guardian      Cybersreetwise

 

 

 

 

 

« Australia Begins Mass Data Retention
IBM's Watson Analytics - New Data Discovery »

Perimeter 81

Directory of Suppliers

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

WEBINAR: How to build an effective Cloud Threat Intelligence program in the AWS Cloud

WEBINAR: How to build an effective Cloud Threat Intelligence program in the AWS Cloud

Thursday, Jan 28, 2021 - Join this webinar to learn how to improve your Cloud Threat Intelligence (CTI) program by gathering critical cloud-specific event data in the AWS Cloud.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

World Privacy Forum (WPF)

World Privacy Forum (WPF)

The World Privacy Forum is a non-profit public interest research group that focuses on privacy and technology issues.

ICC Commercial Crime Services (CCS)

ICC Commercial Crime Services (CCS)

ICC Commercial Crime Services (CCS) is the anti-crime arm of the International Chamber of Commerce.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

Cradlepoint

Cradlepoint

With Cradlepoint customers leverage the speed and economics of wired and wireless Internet broadband for branch, mobile, and IoT networks while maintaining end-to-end visibility, security and control.

LIFARS

LIFARS

LIFARS is a global leader in Digital Forensics and Cyber Resiliency Services.

FileWave

FileWave

FileWave offers a single solution for managing apps, devices, and more for Mac, Windows, and mobile devices.

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions provides advanced, innovative data security solutions for enterprises, professionals and individuals.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.