Global Task Force Brings Down Huge Botnet

Good riddance, Ramnit. Europol's European Cybercrime Centre, or EC3, is reporting success on a coordinated joint international operation to take out the botnet, a term used to describe a network of infected computers. Ramnit was an especially pesky botnet, infecting an estimated 3.2 million computers worldwide.

EC3 organized the sting from its operational center in The Hague that relied on investigators from Germany, Italy, the Netherlands, the United Kingdom and private industry partners to bring the botnet down.

"This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime," said Wil van Gemert, Europol deputy director of operations. "We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes. Together with the EU Member States and partners around the globe, our aim is to protect people around the world against these criminal activities."

Targeting Windows Users

Ramnit was birthed as a worm that security firm Symantec said first surfaced in 2010. According to EC3, criminals used the Ramnit botnet to gain remote access and control of the infected computers, making it possible to steal personal and banking information, specifically passwords, and disable anti-virus protection. The botnet infected Facebook and other social media sites in 2012.

The insidious malware infected users running Windows operating systems and explored different infection vectors, including links contained in spam e-mails. "It spread quickly due to aggressive self-propagation tactics," Symantec said, "and once it compromised a computer it sought out all EXE, DLL, HTM, and HTML files on the local hard disk and any removable drives and attempted to infect them with copies of itself."

Symantec explained that Ramnit grew into a "fully featured cybercrime tool, featuring six standard modules that provide attackers with multiple ways...

Comments are closed.