CryptoLocker, the notorious online malware estimated to have stolen $27m, has been temporarily disabled, according to international law enforcement agencies including the UK National Crime Agency (NCA), the FBI and Europol.
First surfacing in late 2013, CryptoLocker's ransom malware hijacked more than 234,000 computers through phishing emails, then offered users the ability to pay to decrypt their device for $300 in USD, EUR or BTC.
Symantec researchers report that law enforcement agencies have now effectively disabled key nodes of the GOZeuS network (also known as P2PZeuS and Gameover ZeuS). A separate form of malware, GOZeuS had provided the delivery method for the ransomware, though it was designed to steal users' online banking login details.
According to law enforcement agencies, Internet users now have a two-week window to take the necessary precautions to protect themselves from the malware.
Andy Archibald, deputy director of the NCA's National Cyber Crime Unit, said:
He added: "Whether you find online security complicated or confusing, or simply haven’t thought about keeping your personal or office computers safe for a while, now is the time to take action."
Law enforcement officials say they have effectively sinkholed GOZeuS' peer-to-peer network, thereby cutting off criminal control of the affected computers. However, given the distributed nature of the network, the measure is unlikely to shut down the threat permanently.
The suspected ringleader of the illegal operation has also reportedly been identified. According to the UK NCA report, US authorities now allege that 30-year-old Evgeniy Mikhailovich Bogachev is the leader of the criminal enterprise behind GOZeuS.
Other arrests are "in progress", according to international officials.
The announcement will no doubt be greeted with enthusiasm by bitcoin users, as affected users were forced to pay a 2 BTC ransom. Further, though it debuted six months ago, CryptoLocker was still a threat to many Internet users, making headlines in November for updates that made its attacks more sophisticated.
Though authorities were optimistic about the results, they also acknowledged that similar threats are likely to continue to arise.
Archibald used his statements to reiterate the importance of Internet best practices, concluding: