UK banks cyber attack
Cyber criminals have stolen at least £20m from UK bank accounts using sophisticated malware, DridexReuters

Millions of pounds have been siphoned off from UK bank accounts by hackers, and the National Crime Agency (NCA) has warned users to enhance their internet security. An investigation into the attack has been launched, which involves multiple law enforcement agencies including GCHQ, Computer Emergency Response Team (CERT), European police agency Europol, and the FBI.

Authorities suspect that sophisticated malware, Dridex – a virus developed by cyber crooks to harvest users' banking details – may have been used to steal the money, which is estimated to be at least a £20m ($50m) loss in the UK. The NCA has warned that thousands of the UK, computers may have been affected by the malware, which is also known as Bugat and Cridex.

"This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to made," said NCA spokesperson, Mike Hullet stating that at least one "significant arrest" has been made.

Dridex, believed to have been developed by hackers in Eastern Europe, has been used by cybercriminals to steal $100m across the world so far. The malware infects computers and pinches user's credentials, including passwords, and sends it to the hackers, who then gain access to bank accounts.

The malware is automatically installed on a computer when a user opens a seemingly legitimate email document that contains the virus. The malicious software is not known to have infected smartphones as yet.

"Users are urged to visit the CyberStreetWise and GetSafeOnline websites where a number of anti-virus tools are available to download to help clean up infected machines and get advice and guidance on how to protect themselves in the future," the NCA said in the statement.

Confirming the arrest in relation to the cyber attack, the US department of justice released a statement on Tuesday 13 October saying: "Andrey Ghinkul, aka Andrei Ghincul and Smilex, 30, of Moldova, was charged in a nine-count indictment unsealed today in the western district of Pennsylvania with criminal conspiracy, unauthorised computer access with intent to defraud, damaging a computer, wire fraud and bank fraud. Ghinkul was arrested on 28 August 2015 in Cyprus. The US is seeking his extradition."