Europol shuts down Ramnit botnet that infected 3.2m computers

A cybercrime ring that used millions of hacked computers in Britain to steal banking information has been shut down by European police and technology companies.Europol’s European cybercrime centre coordinated the operation from its headquarters in The Hague, targeting the so-called Ramnit botnet – a network of computers infected with malware. Botnet Shut Down
The Ramnit botnet, a favorite among thieves dabbling in financial fraud for its frequent updates, has been shut down in a joint effort spearheaded by Europol’s European Cybercrime Centre (EC3).In a statement today, EC3 said investigators from across Europe, along with Microsoft, AnubisNetworks and Symantec, carried out the operation, which shut down the botnet’s command and control infrastructure and redirected traffic from 300 domains used by Ramnit to domains controlled by authorities. shut down network ‘used to steal bank details’
A network of computers that has spread malware to millions of machines has been shut down, police have said.The National Crime Agency (NCA) worked with forces across Europe to tackle servers used by the Ramnit “botnet”, which could be used to access sensitive information.The botnet spread malware that would give criminals control of users’ computers, leaving them vulnerable. taken down through international law enforcement cooperation [news release]
On 24 February, Europol’s European Cybercrime Centre (EC3) coordinated a joint international operation from its operational centre in The Hague, which targeted the Ramnit botnet that had infected 3.2 million computers all around the world. The operation involved investigators from Germany, Italy, the Netherlands, and the United Kingdom – who led the operation – along with partners from private industry.This botnet – a term used to describe a network of infected computers – was used by the criminals running it to gain remote access and control of the infected computers, enabling them to steal personal and banking information, namely passwords, and disable antivirus protection. This malware, infecting users running Windows operating systems, explored different infection vectors such as links contained in spam emails or by visiting infected websites.Representatives from the various countries, Microsoft, Symantec and AnubisNetworks worked together with Europol officials to shut down command and control servers and to redirect 300 Internet domain addresses used by the botnet’s operators. The Joint Cybercrime Action Taskforce* (J-CAT), located at Europol’s headquarters, supported the operation. CERT-EU (Computer Emergency Response Team for the EU institutions, bodies and agencies) participated in this operation, relaying information on the victims to their peers, for risk mitigation purposes.Europol Deputy Director Operations, Wil van Gemert, says: “This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime. We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes. Together with the EU Member States and partners around the globe, our aim is to protect people around the world against these criminal activities.”Microsoft and Symantec have released a remedy to clean and restore infected computers’ defences. For those who fear their computer may have been infected, EC3 recommends downloading specialist disinfection software. For further information please visit or

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.