This article is more than 1 year old

Europol shuts down darn RAMNIT botnet

Cops analysing command and control server ... in Hampshire

Euro cybercrime cops have taken down the RAMNIT botnet, which has infected 3.2 million computers worldwide, including 33,000 in the UK.

The National Crime Agency's cybercrime unit worked with cops in the Netherlands, Italy and Germany to shut down command-and-control servers used by the botnet. One of the servers was housed in Gosport, Hampshire.

RAMNIT spread malware via innocuous-looking links sent in phishing emails or social networking websites, and has mainly been used to take money from bank accounts from people running Windows OSes.

Europol was alerted to RAMNIT by Microsoft, after data analysis showed a big increase in infections.

The operation to take down RAMNIT was co-ordinated by the Joint Cybercrime Action Taskforce based at Europol’s European Cybercrime Centre.

“This malware effectively gives criminals a back door so they can take control of your computer, access your images, passwords or personal data and even use it to circulate further spam messages or launch illegal attacks on other websites," said Steve Pye of the NCA’s national cybercrime Unit.

“As a result of this action, the UK is safer from RAMNIT, but it is important that individuals take action now to disinfect their machines, and protect their personal information," he added.

The NCA is advising people to check whether their computer has been infected by downloading specialist disinfection software, which is available free of charge at CyberStreetWise or GetSafeOnline.

Analysis is now taking place on the servers and an investigation is ongoing, said the NCA. ®

More about

More about

More about


Send us news

Other stories you might like