Computers in many of the UK's biggest banks and building societies have been infected with malware and become part of the malicious Conficker botnet.

Ramnit botnet dismantled as UK users warned of computer attack
Computers in many of the UK's top banks have been hijacked and turned into botnets issuing malicious spam. (Reuters) Reuters

Using data collected from three groups, the research project commissioned by the BBC discovered that 20 spam "incidents" had occurred so far this year connected with bank networks.

The project saw the University of Delft in The Netherlands, an unnamed firm running spam traps and security messaging firm Cloudmark contribute data to the project.

A botnet is a large network of computers that have been infected with malware. The cybercriminals who control these botnets use the infected PCs to distribute spam and malware, harvest personal data for sale or to attack websites to take them offline - typically without the victim's knowledge.

The research showed that 2013 has seen the highest number of incidents involving UK bank networks so far, compared with 2011 and 2012.


PCs connected to seven corporate bank networks are regularly sending out spam emails, while another five networks have computers that have been enrolled into the six million-strong Conficker botnet which famously brought down email and computer support systems in the UK Defence Ministry, the Greater Manchester Police, the German Armed Forces and the French Navy in 2009.

Eight other networks are regular sources of malicious activity such as distributing malware, phishing scams tricking users into giving away passwords or credit card information, or "pump and dump" scams where users are tricked into visiting sites which can infect their computers with malware.

It is suspected that the banks' computers were compromised when employees accidentally opened malicious email attachments.


"There should be no spam coming out of these networks," said Delft University's Professor Michel van Eeten told the BBC. "If they are vulnerable to that you have to wonder what else they are vulnerable to. This might show they can fall victim to a targeted attack more easily because those are much harder to avoid falling into."

Since 2011, a cyber war exercise has been created to train staff from a number of UK banks and financial institutions.

This year's game, Waking Shark II, designed by Credit Suisse, is currently ongoing and is overseen by the Bank of England, the Treasury and the Financial Conduct Authority.