WSi News2015-02-25 12:09:03
Europol's European Cybercrime Centre (EC3) coordinated a joint international operation to take down Ramnit botnet
Europol's European Cybercrime Centre (EC3) coordinated a joint international operation from its operational centre in The Hague, which targeted the Ramnit botnet that had infected 3.2 million computers all around the world. The operation involved investigators from Germany, Italy, the Netherlands, and the United Kingdom - who led the operation - along with partners from private industry.
This botnet - a term used to describe a network of infected computers - was used by the criminals running it to gain remote access and control of the infected computers, enabling them to steal personal and banking information, namely passwords, and disable antivirus protection. This malware, infecting users running Windows operating systems, explored different infection vectors such as links contained in spam emails or by visiting infected websites.
Representatives from the various countries, Microsoft, Symantec and AnubisNetworks worked together with Europol officials to shut down command and control servers and to redirect 300 Internet domain addresses used by the botnet's operators. The Joint Cybercrime Action Taskforce* (J-CAT), located at Europol's headquarters, supported the operation. CERT-EU (Computer Emergency Response Team for the EU institutions, bodies and agencies) participated in this operation, relaying information on the victims to their peers, for risk mitigation purposes.
Europol Deputy Director Operations, Wil van Gemert, says: "This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime. We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes. Together with the EU Member States and partners around the globe, our aim is to protect people around the world against these criminal activities."
Microsoft and Symantec have released a remedy to clean and restore infected computers' defences.
Europol's European Cybercrime Centre (EC3) coordinated a joint international operation from its operational centre in The Hague, which targeted the Ramnit botnet that had infected 3.2 million computers all around the world. The operation involved investigators from Germany, Italy, the Netherlands, and the United Kingdom - who led the operation - along with partners from private industry.
This botnet - a term used to describe a network of infected computers - was used by the criminals running it to gain remote access and control of the infected computers, enabling them to steal personal and banking information, namely passwords, and disable antivirus protection. This malware, infecting users running Windows operating systems, explored different infection vectors such as links contained in spam emails or by visiting infected websites.
Representatives from the various countries, Microsoft, Symantec and AnubisNetworks worked together with Europol officials to shut down command and control servers and to redirect 300 Internet domain addresses used by the botnet's operators. The Joint Cybercrime Action Taskforce* (J-CAT), located at Europol's headquarters, supported the operation. CERT-EU (Computer Emergency Response Team for the EU institutions, bodies and agencies) participated in this operation, relaying information on the victims to their peers, for risk mitigation purposes.
Europol Deputy Director Operations, Wil van Gemert, says: "This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime. We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes. Together with the EU Member States and partners around the globe, our aim is to protect people around the world against these criminal activities."
Microsoft and Symantec have released a remedy to clean and restore infected computers' defences.
For more information contact:
