
Symantec Assists Europol with Ramnit Botnet Takedown: India worst affected with 27 percent of infections

Today, a law enforcement operation led by Europol, with assistance from Symantec, Microsoft and other industry partners, seized servers and infrastructure from the cybercrime group behind the Ramnit botnet. Symantec provided technical analysis and telemetry as part of the investigation.


During its five years of operation, the Ramnit malware (detected by Symantec as W32.Ramnit.B) has evolved into a major criminal enterprise, infecting more than 3.2 million computers and harvesting banking credentials, passwords, cookies, and personal files from victims. Ramnit has affected victims across the world, and infections have been found in most countries. However, the worst affected countries in recent times have been India with 27 percent, Indonesia with 18 percent, Vietnam with 12 percent and Bangladesh with 9 percent of total infections.

This botnet provides attackers with multiple ways to defraud a victim once their computer is compromised. It can monitor the victim’s web browsing sessions and steal banking credentials, steal website cookies that allow attackers to impersonate the victim, take files from the victim’s hard disk, and grant the attackers remote access to the computer, allowing them to exfiltrate stolen information or download additional malware.

While the number of infected computers has decreased over time, the Ramnit botnet is still very active. For example, Symantec blocked a daily average of around 6,700 new infections in November 2014. This was down from a daily average of 8,000 in May 2014. Symantec has released a tool that will check for a Ramnit infection and allow you to remove it from a compromised computer; you can download it here.

For more information about the Ramnit botnet and Symantec’s research, you can view Symantec’s blog here or its whitepaper here.
