European Cyber Police Shuts Down World’s Biggest “Ramnit” Botnet

In a joint operation cyber police from United Kingdom, Netherlands, Germany and Italy have claimed successful breakdown of what can be the world’s biggest ever botnets known as Ramnit.

The Ramit malware is so dangerous that according to researchers it has compromised more than 3.2 million Microsoft Windows based PCs, and still active in 350,000 computers worldwide.

Ramit malware steals banking details such as login data and passwords from victim’s PC.


The lethal malware was first identified by Symantec, Microsoft and an IT security company Anubis Networks; who further reported it to law enforcement agencies in Europe. The Europol with the help of European Cybercrime Centre (EC3) then destroyed and shutdown the command and control servers for the malware.

Related Post: MS Word’ Malicious Macro Downloads Vawtrak Banking Trojan

Cyber criminals behind Ramnit malware were using more than 300 domains worldwide to control compromised computers.

Good news is that those users infected with this malware will be automatically cut off from the servers. Ramnit mostly infected users from Indonesia, India, Vietnam, US, Brazil. Turkey, Egypt and Philippines.


An important lesson to learn here is NEVER to click links attached with malicious emails, as the Ramnit malware was also spread via emails from unknown senders and social media messages. Once infected, it would takeover the device and steal login details such as bank account numbers, steal session cookies, passwords from online banking sites, shutdown anti-virus programs and spy on user’s activity on the internet.

Related Post: Android Trojan Virus: iBanking Malware ‘Qadars’ Targets Facebook Users via Webinjects

Capabilities of Ramnit Botnet via Symantec (Click to Enlarge)

Symantec found out that the cyber criminals who created Ramnit malware were using it for last five years.

“The group has been in operation for at least five years and in that time has evolved into a major criminal enterprise, infecting more than 3.2 million computers in total and defrauding large numbers of innocent victims. It is hoped that today’s operation will strike a significant blow against the resources and capabilities of the gang,” according to Symantec.

Ramnit infographic from Symantec
Ramnit infographic from Symantec

We at HackRead have always told our readers to beware of phishing emails, never click any suspicious link sent from unknown senders and always go through online forums before opening a link or clicking a .exe file.

For now, you can scan your computer for Ramnit and remove it by using Microsoft’s or Symantec’s virus scanner tools.

Related Posts