Dridex: UK internet users hit by major international cyber attack, National Crime Agency says
NCA says scam has already seen UK losses of £20m
Hackers are targeting UK internet users with a “particularly virulent” form of malware and have already stolen millions of pounds, the UK’s top crime agency has warned.
Police urged users of online banking to seek immediate guidance on how to protect themselves, and said people should alert their banks if they think they have lost money.
The National Crime Agency (NCA) said it was investigating a network of “technically skilled cyber criminals” based in Eastern Europe, who have stolen money from businesses and individuals around the world. It said UK losses were already estimated to be £20 million.
The scam involved a strain of malware called “Dridex”, which infected computers when users opened documents in seemingly legitimate emails.
While the criminals are largely focussing on financial institutions, the police said some members of the public may have also been victims. The NCA believes “thousands” of computers could be infected in the UK, and said the virus mainly affected Windows users.
Mike Hulett, head of the NCA’s cyber crime unit, said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes.”
In a statement, the NCA said its officers have been working with the FBI, Europol and other security forces around the world to disrupt the criminal network, and said one “significant arrest” had already been made.
Robert Anderson, an assistant director at the FBI, said the attack was a wake-up call for all internet users to “take action”.
“Those who commit cyber crime are very often highly-skilled and can be operating from different countries and continents,” he said. “They can and will deploy new malware and we, along with our partners, are alive to this threat and are constantly devising new approaches to tackle cyber crime.
“We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails.”
Independent News Service