On 3 December 2015, Europol’s European Cybercrime Centre (EC3) and Joint Cybercrime Action Taskforce (J-CAT), alongside INTERPOL, the Department of Homeland Security, the Federal Bureau of Investigation, the National Cyber Investigative Joint Taskforce – IC4 and law enforcement officials from across the world, including 5 EU Member States[i], Albania and Montenegro, partnered with Microsoft and other members of the private sector[ii] to disrupt one of the most widespread malware families – Win32/Dorkbot. Since its discovery in 2011, this malicious software has infected over a million computers in 190 countries.
Commonly spread via USB flash drives, instant messaging programs, and social networks, Dorkbot causes damage by opening a backdoor on the infected computer, allowing for remote access and potentially making the computer part of a botnet. The Dorkbot worm gained publicity in late 2011 for an attack on a leading social media platform’s chat system, with users receiving a message with a bogus link that appeared to come from one of their friends on this platform.
Investigators are in the process of determining the number of victims around the world that have been impacted by this botnet.
Wil van Gemert, Europol's Deputy Director Operations, said: “Botnets like Dorkbot have victimized users worldwide, which is why a global law enforcement team approach working with the private sector is so important. Europol is pleased to join forces with its law enforcement and private sector partners to defeat malicious botnets that have the potential to impact millions of victims.”
To detect and remove this threat and other malicious software that may be installed on your computer, EC3 recommends running a full-system scan with an appropriate, up-to-date security solution.
In addition, it is recommended that computer users:
- Use and maintain anti-virus software. Anti-virus software recognizes and protects your computer against most known viruses.
- Change your passwords. Your original passwords may have been compromised during the infection.
- Keep your operating system and application software up-to-date. Install software patches so that cybercriminals cannot take advantage of known problems or vulnerabilities.
- Use anti-malware tools. Using a legitimate program that identifies and removes malware can help eliminate an infection.
For more information regarding how to protect oneself online, please visit our Crime Prevention Advice page.
[i] Belgium, France, Lithuania, Spain, the Netherlands
[ii] CERT.PL, ESET, USCERT