European police have forced a cyber-crime group to do a hard reboot following the seizure of equipment and infrastructure.
The group was instrumental in infecting more than 3.2 million computers via the the Ramnit botnet and has stolen banking information from victims in Indonesia, India and other countries. The operation against the criminals was led by Europol but received assistance from Symantec, Microsoft and other computer industry companies.
Investigators from numerous countries including Germany, Italy, the Netherlands and Britain assisted in the ongoing investigation that resulted in servers being seized.
“The criminals have lost control of the infrastructure they were using,” Paul Gillen, head of operations at Europol’s cyber-crime centre, told Reuters in an interview. “We worked together to shut down the command and control servers for the network in various countries across the European Union. The criminals have lost control of the infrastructure they were using.”
Once a victim’s computer is compromised with Ramnit, it opens a variety of means for hackers to defraud the owner, Symantec explained. The infection allows Web browsing to be monitored, cookies to be stolen and even files to be removed from a computer’s hard disk.
The virus first appeared five years ago, as a worm, and spread quickly thanks to aggressive tactics. Once inside a computer, it would seek out all EXE, DLL, HTM and HTML files on the hard disk and attempt to infect them with copies of itself. Since its creation it has spread throughout the world like a cyber-plague.