Europol Terminates Notorious Ramnit Botnet
The Ramnit botnet, which cyber-thugs widely used to commit financial fraud, has finally been dismantled in a joint operation spearheaded by Europol's EC3 (European Cybercrime Center), threatpost.com reported on February 25, 2015.
EC3, also recognized as the police agency of Europe, stated that investigators from different European countries, together with Symantec, AnubisNetworks and Microsoft, carried out the takedown. The operation broke the botnet's C&C structure and then redirected all traffic from the 300 domains Ramnit used to domains that officials controlled.
Ramnit, according to EC3, infected over 3.2m Windows PCs.
The malware was spread through drive-by downloads, phishing scams and spam campaigns, which lured victims into unknowingly installing the program. That in turn gave the attackers access to the infected PCs, from which they stole chiefly banking credentials. They also stole FTP log-ins, social-networking account passwords, etc. Immediately after gaining backdoor access to a PC, the malware tried to identify the AV programs active on the compromised system and disable their detection capabilities.
Disturbingly, Ramnit has infected PCs globally, and the nations worst impacted are Bangladesh, USA and India. It also targeted countries such as Turkey, Egypt, UK, Pakistan and Philippines, among others.
In a remark, Wil van Gemert, Deputy Director Operations of Europol, said that the success of the dismantling operation indicated how important it was for global law enforcement to carry out its tasks along with private players in combating the worldwide danger that Internet crime posed. According to him, Europol would keep up its efforts to terminate botnets and to destabilize the central infrastructures that crooks employed for executing various cyber-crimes. The agency, in combination with member states of the European Union and alliances worldwide, aimed at safeguarding people globally from this kind of criminal activity, he concluded. ZDNet.com published this on February 25, 2015.
Now that the shutdown operation is complete, investigators will examine the confiscated C&C servers and try to locate their operators too. If the criminals are not detained, the Ramnit owners would keep committing the crimes and possibly even establish new infrastructure for capturing more banking credentials, the investigators assessed.
» SPAMfighter News - 3/5/2015