Europol strikes a blow to trojan infrastructure targeting banking data

Europol, in collaboration with the FBI, several police forces and a number of security companies, on July 8 and 9 shut down the servers and domains that form the basis for communication between computers infected with the Shylock Trojan.

The Shylock Trojan focuses on stealing banking information entered on infected devices. Criminals can use this data to empty victim accounts. According to Europol, more than 30,000 Windows systems worldwide are said to have been infected with the Trojan. Especially in the United Kingdom, many systems are said to have been infected, but a relatively large number of systems from the US, Italy and Turkey are also said to have been affected by Shylock. Many users received the malware by clicking on certain links that would then cause the computer to perform an installation of the malware.

The operation was led by the UK’s National Crime Agency and coordinated from Europol’s operations center in The Hague. In addition, security firms BAE Systems Applied Intelligence, Dell SecureWorks and Kaspersky Lab and the UK Government Communications Headquarters were involved in the action.

The move is likely to be part of Europol’s strategy to tackle online crime. Troels Oerting, head of cybercrime at Europol, said at the end of April that disrupting the activities of criminals who trade online is much more important than prosecuting them. According to Oerting, that would be a much better approach to the problem, because prosecution would be too useless.