Microsoft, FBI Take Down Citadel Botnet
Microsoft today announced that, in coordination with the FBI, it has disrupted more than 1,000 botnets used to steal people's banking information and identities.
The malware, dubbed Citadel, resulted in losses of more than $500 million and affected more than 5 million people.
Most were located in the U.S., Europe, Hong Kong, Singapore, India, and Australia, but Microsoft has found evidence of Citadel in more than 90 countries.
Citadel installed key-logging software onto a computer, which tracked everything a person typed. That allowed the scammers to steal passwords and gain direct access to a PC user's bank account.
"The harm done by Citadel shows the threat that botnets, malicious software, and piracy pose to individuals and businesses around the world," Brad Smith, Microsoft general counsel, said in a statement. "Today's coordinated action between the private sector and law enforcement demonstrates the power of combined legal and technical expertise and we're going to continue to work together to help put these cybercriminals out of business."
Microsoft has been working with the FBI on taking down Citadel since early 2012. Last week, it filed suit against those operating the botnet and received authorization from a North Carolina district court to shut down communication between 1,462 Citadel botnets and the millions of computers under their control.
Redmond also seized evidence, including servers, from data-hosting facilities in New Jersey and Pennsylvania. Microsoft and the FBI are in contact with Computer Emergency Response Teams (CERTs) so they can address botnet activity overseas.
"Today's actions represent the future of addressing the significant risks posed to our citizens, businesses, and intellectual property by cyber threats and malicious software, which are often enabled by counterfeit and unlicensed software," said FBI executive assistant director Richard McFeely. "Creating successful public-private relationships in which tools, knowledge, and intelligence are shared is the ultimate key to success in addressing cyber threats and is among the highest priorities of the FBI. We must ensure that, as cyber policy is developed, the ability of the private sector to coordinate in real time with the FBI is encouraged so that a multi-prong attack on our cyber adversaries can be as effective as possible."
It's unlikely that the move has completely eradicated Citadel botnets, but Microsoft said it will "significantly disrupt" the network.
Redmond said the effort - its seventh botnet takedown - was its "most aggressive botnet operation to date."
Source: http://www.pcmag.com/article2/0,2817,2420046,00.asp
korg