Europol takes down botnet in international action
In a joint international operation Europol’s European Cybercrime Centre seized servers said to have controlled the Ramnit botnet that had infected 3.2 million computers internationally. The operation involved investigators from Germany, Italy, the Netherlands, and the UK – which led the operation – along with partners from private industry.
Representatives from the various countries, Microsoft, Symantec and Anubis Networks worked together with Europol officials to shut down command and control servers and to redirect 300 Internet domain addresses used by the botnet’s operators. The Joint Cybercrime Action Taskforce, located at Europol’s headquarters in The Hague, supported the operation and the Computer Emergency Response Team for EU institutions, bodies and agencies participated, relaying information on the victims to their peers, for risk mitigation purposes.
Writing on Microsoft’s corporate blog, David Finn, associate general counsel & executive director, Microsoft Cybercrime Center, said the simultaneous seizure of servers in four countries followed a US lawsuit filed last week under seal in federal court by Microsoft and the Financial Services Information Sharing and Analysis Center.
The Ramnit botnet was used by the criminals to gain remote access and control of the infected computers, enabling them to steal personal and banking information, namely passwords, and disable antivirus protection. This malware, infecting users running Windows operating systems, explored different infection vectors such as links contained in spam emails or by visiting infected websites.
Europol deputy director of operations, Wil van Gemert, said: “This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime. We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes. Together with the EU Member States and partners around the globe, our aim is to protect people around the world against these criminal activities.”
The operation comes on the heels of a recent reportby Kaspersky Labs about a separate attack on financial institutions by cybercriminals, which resulted in the theft of hundreds of millions of dollars. “In both situations, law enforcement and the private sector worked together to protect people online,” wrote Microsoft’s Finn. “That’s because the complexity of fighting cybercrime is bigger than any one company or organisation. It requires a diverse set of skills, including sophisticated computer forensics, big data analysis and legal strategy.”