An online criminal operation running one of the most aggressive computer viruses ever seen has been successfully disrupted by digital police from across the world.
The UK’s National Crime Agency (NCA) has warned British internet users that they have a two-week window to protect themselves from Cryptolocker, after working with the FBI, Europol and other law enforcement bodies to weaken the global network of infected computers.
The Cryptolocker software locked PC users out of their machines, encrypting all their files and demanding payment of one Bitcoin – currently worth around £300 – for decryption.
It’s believed Cryptolocker, which the FBI estimated acquired $27million in ransom payments in just the first two months of its life, has infected more than 234,000 machines.
A chief suspect from Russia has been identified but is still at large, Troels Oerting, head of Europol’s European Cyber Crime Centre (EC3), told the Guardian. He said other arrests related to the operation were “in progress”.
The global effort to stop the spread of the Cryptolocker ransomware has focused on its delivery method, itself a dangerous form of malware called Gameover Zeus (GOZeuS), which connected infected machines by peer-to-peer connections – in theory making it harder for the authorities to track and stop.
GOZeuS was designed to steal people’s online banking login details, who were usually infected by clicking on attachments or links in emails that looked innocuous. However, it also dropped Cryptolocker on their computers.
“Nobody wants their personal financial details, business information or photographs of loved ones to be stolen or held to ransom by criminals,” said Andy Archibald, deputy director of the NCA’s National Cyber Crime Unit.
“By making use of this two-week window, huge numbers of people in the UK can stop that from happening to them. Whether you find online security complicated or confusing, or simply haven’t thought about keeping your personal or office computers safe for a while, now is the time to take action.”
Not-for-profit body Get Safe Online has worked with the NCA to launch a dedicated section of its website to provide guidance and tools.