The agency is warning internet users to protect themselves against the malware, also known as Bugat and Cridex, and say they are chasing down the thieves.
Computers become infected when users open documents from seemingly legitimate e-mails. Financial institutions and various payment systems have been targeted, and members of the public could have become victims. Windows users are most at risk, they say.
The NCA recommends people ensure their operating systems are up to date and that anti-virus software is installed to protect themselves.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now