Dridex activity had fallen off in September but the malware has seen a resurgence, security researchers said.
U.K. and U.S. law enforcement agencies are now working to “sinkhole” or stop infected computers from communicating with the criminals that control them.
“This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to be made,” Mike Hulett, head of operations at the NCA’s National Cyber Crime Unit (NCCU), said in a press release.
Security experts warned that Dridex allows hackers to steal not only financial information but also personal information, which can then be sold to criminals online.
“Dridex is an information stealing Trojan, meaning that not only is the victim at risk of losing money due to compromised bank accounts, but victims, especially employees compromised with Dridex, are also putting their company at risk because Dridex can perform activities such as stealing credentials from applications, performing keystroke logging and also downloading further malicious payloads, such as backdoors,” Jens Monrad, systems engineer at FireEye, said in a note.