Dridex is considered one of the most effective banking malware families Credit: Jeremy Kirk A cybercriminal network that caused at least US$10 million in losses has been disrupted by U.S. and U.K. law enforcement, with the U.S. seeking a Moldovan man’s extradition, the Department of Justice said Tuesday.Andrey Ghinkul, 30, is accused of being the administrator of the Dridex botnet, also known as Cridex and Bugat.A nine-count indictment was unsealed on Tuesday in the U.S. District Court for the Western District of Pennsylvania, DOJ said. Ghinkul was arrested on Aug. 28 in Cyprus.Dridex has been a real headache for a number of years. It collects online banking credentials from infected computers, which prosecutors said were then used to initiate large wire transfers. In one example, Ghinkul and his gang allegedly transferred $2.1 million from an account of Penneco Oil Company, based in Delmont, Pennsylvania, to one in Krasnodar, Russia, on Aug. 31, 2012, according to the indictment.Four days later, Penneco Oil was hit again, this time with $1.3 million going to an account in Minsk, Belarus. The same day, the group allegedly tried to transfer a further $76,520 from the company’s accounts. Penneco Oil’s account information was believed to have been compromised after Ghinkul’s group sent one of the company’s employees a phishing email, prosecutors said.Dridex is considered one of the top banking malware families. It spreads through targeted spam that contains attachments to malicious XML files, Microsoft Office documents with macros or links to malicious websites.The malware can log keystrokes and inject fake HTML fields into Web pages that ask users for more sensitive information. It also can frequently escape detection by antivirus software. Related content feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO CSO and CISO C-Suite news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry news UK data regulator warns that data breaches put abuse victims’ lives at risk The UK Information Commissioner’s Office has reprimanded seven organizations in the past 14 months for data breaches affecting victims of domestic abuse. By Michael Hill Sep 28, 2023 3 mins Electronic Health Records Data Breach Government news EchoMark releases watermarking solution to secure private communications, detect insider threats Enterprise-grade software embeds AI-driven, forensic watermarking in emails and documents to pinpoint potential insider risks By Michael Hill Sep 28, 2023 4 mins Communications Security Threat and Vulnerability Management Security Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe