The National Crime Agency is hunting cyber-attackers who have stolen more than £20m from British bank accounts.
The Dridex Trojan infected computers through malicious Microsoft Office documents. These are often disguised as an invoice or tracking reference and then emailed to victims.
The malware relied on tricking recipients into installing it on their machines, where it would then eavesdrop on people entering their bank account information and send the details back to the attackers.
An expert told the BBC:
“This is very sneaky software that relied on people not being vigilant with their online banking,” said Prof Alan Woodward, a cybersecurity expert who advises Europol.
“If you imagine thieves making lots of little transactions, rather than one big one, it is more likely to go unnoticed.”
The NCA said it was working with the FBI and other relevant authorities to limit the usefulness of the malware. It is currently trying to ‘sinkhole’ the Trojan, working with ISPs to stop the software’s attempts to deliver the information back to the hackers.
“Banks have software running constantly in the background looking for suspicious transactions, but criminals are adopting patterns that are not flagged up,” said Prof Woodward.
“With thousands of computers infected, they only need to take a small amount from each bank account and suddenly they’ve got millions.”