Eavesdropping virus ‘stealing millions’ from UK bank accounts – NCA
Nearly £20 million (US$30.9 milion) has been stolen in the UK by cyber fraudsters using Dridex, a strain of malware designed to eavesdrop on a victim’s computer to steal their personal details.
The virus, first spotted by security researchers in November 2014, can gain access to usernames and passwords on computer systems.
Its main aim is to monitor victims’ online activity, gather their banking details and launder money.
Dridex is spread through emails that contain infected Microsoft Office files, often Word (.doc) or Excel (.xls) documents.
Once a victim is tricked into opening the attachments, Dridex installs itself on their computer.
Thousands of computers in the UK have been infected. One suspect has been arrested in connection with the cybercrime.
According to the NCA, hackers are targeting small and medium sized organizations, but some are targeting members of the public.
Those with internet bank accounts have been encouraged to visit the Cyber Streetwise and GetSafeOnline websites where they can download anti-virus tools that will protect them and clear infected machines.
‘We expect further arrests to be made’
The NCA said it has been working with internal law enforcement partners to mitigate the damage it causes.
“This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry,” head of the NCA’s cybercrime unit Mike Hulett said in a statement.
“Our investigation is ongoing and we expect further arrests to made,” he said.
The NCA has been has been working with the FBI, Europol and other security networks to tackle the virus and track down hackers, he added.
The FBI said it is constantly “devising new approaches” to tackle cybercrime.
“Those who commit cybercrime are very often highly-skilled and can be operating from different countries and continents,” the FBI’s assistant director Robert Anderson said in a statement.
“We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails.”