UK investigates huge spam attack on bank customers' computers

Cybercrime investigators are looking into a barrage of spam sent to millions of British banking customers designed to freeze their computers and demand a ransom, Britain's National Crime Agency said on Friday.

The agency, which began operating only last month, said its National Cyber Crime Unit had become "aware of a mass e-mail spamming event which is ongoing, where people are receiving e-mails that appear to be from banks and other financial institutions."

The agency said it considered the attack a "significant risk." It added that while the spam e-mails may be sent out to "tens of millions of UK customers," they appear to be targeted mainly at small and medium-sized businesses.

The spam carries an attachment that appears to be correspondence related to the text of the e-mail - such as a voice mail or fax or details of a purported suspicious transaction or invoice seeking payment, the agency said.

In reality, the agency said, the attachment injects a malicious programme - malware - into the computer, which opens it as well as the local network to which the machine is connected. Once triggered, a programme called Cryptolocker that the crime agency described as "ransomware," proceeds to encrypt the files on the user's machine and the local network.

Once encrypted, the computer displays a message demanding the payment of 2 Bitcoins - an electronic currency currently worth 536 pounds (S$1,000) - in return for the key to unlock the encryption.

The UK crime agency said it advised users not to pay the ransom and warned that even if it were paid, there was no guarantee the encryption key would be turned over.

The spam attack was reported just as UK financial institutions were conducting a large-scale cybersecurity exercise, code-named "Walking Shark 2". The exercise was being coordinated by the British Treasury and the Bank of England.