Ramnit Botnet Comeback Again

Ramnit Botnet has a long history when its first version appeared in 2010. By 2014, it emerged as one of the biggest financial fraud networks of bot. The countries like USA, UK, and Australia were its prime target as these are English speaking regions. Ramnit Botnet was noticed by a lot of PC security teams such as AnubisNetworks, Symantec as well as Microsoft. These were the companies that collaborated with “European Cyber-crime Center” of Europol. This was the time of early 2015 when these PC security firm operated a joint task with Europol to sinkhole the financial fraud operating Ramnit Botnet’s command-and-control servers.

According to the X-Force Threat Intelligence group of IBM, the same attackers which were involved in the original network-of-bots are releasing another addition of notorious network with the advantage of suspicious commercial ads for attracting the victims. As Security investigators at IBM says that the first Ramnit version dispatch instructions through its CnC sever however after the Europol has interrupted, the infected PC’s are not receiving this messages.

The two versions of Ramnit are circulating in which Ramnit ver. 1 uses its banking Trojan for infecting network shares as well as drives while Ramnit ver. 2 gets accumulated using malevolent ads and diverts end-users to an Angler EK-hosted webpage. The latest Ramnit banker Trojan though new CnC server infrastructure and botnet appears as alone financial fraud network as indicated by IBM. In conclusion, it is very clear that this Ramnit Trojan controller will proliferate in several other geographical regions in coming time.