Cyber attackers are thought to have stolen as much as £100 million in a series of assaults on people’s bank accounts around the world.
This is according to the UK’s National Crime Agency (NCA), which has revealed that a group of cyber criminals believed to be operating out of Eastern Europe is orchestrating what has become known as the ‘Dridex’ scam. It involves a “particularly virulent” form of malware – named Dridex – that enables the network of “technically skilled cyber criminals” to steal money from individuals and businesses.
The NCA suggests that around £20 million has been pilfered from British people’s bank accounts through the cyber security breach. However, a spokesperson from the crime agency said that these are “conservative” estimates, adding that this is one of the worst cyber attacks the organisation has ever seen.
Around the world crime agencies are investigating the attacks, including the FBI in the US and the European police agency Europol.
Dridex reportedly works by infecting a user’s computer once they have opened documents within a seemingly legitimate email. The virus reportedly then records the login and password details used to access internet banking services and passes it back to the attackers who then use the information to steal from bank accounts.
“Computers become infected with Dridex malware when users receive and open documents in seemingly legitimate emails,” the NCA revealed in a statement. “The NCA assesses there could be thousands of infected computers in the UK, the majority being Windows users.”
So far one arrest has been made, but this dates back to the end of August 2015. Having taken place over a long period earlier this year, it was thought that the Dridex attacks had stopped, but law enforcement agencies fear the cyber criminals might have started a fresh wave of attacks.
FBI executive assistant director Robert Anderson warned: “Those who commit cyber crime are very often highly skilled and can be operating from different countries and continents. They can and will deploy new malware and we, along with our partners, are alive to this threat and are constantly devising new approaches to tackle cyber crime.
“We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails.”