Symantec, Microsoft and other industry partners have helped Europol to lead a law enforcement operation. Europol, with assistance from industry partners, has seized servers and infrastructure from the cybercrime group behind the Ramnit botnet. Symantec has provided technical analysis and telemetry as part of the investigation.
During its five years of operation, the Ramnit botnet (detected by Symantec as W32.Ramnit.B) has evolved into a major criminal enterprise, infecting more than 3.2 million computers and harvesting banking credentials, passwords, cookies, and personal files from victims. Ramnit has affected victims across the world and infections have been found in most countries. However, the worst affected countries in recent times have been India with 27 per cent, Indonesia with 18 per cent, Vietnam with 12 per cent and Bangladesh with 9 per cent.
This botnet provides attackers with multiple ways to defraud a victim once their computer is compromised. It is capable of monitoring their web browsing sessions and stealing banking credentials. It can steal website cookies allowing attackers to impersonate the victim, take files from the victim’s hard disk, and grant the attackers remote access to the computer, allowing them to exfiltrate stolen information or download additional malware.
While the amount of infected computers has decreased over time, the Ramnit botnet is still very active.Symantec has released a tool that will check for a Ramnit infection and allow you to remove it from a compromised computer.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
