$500 million botnet Citadel attacked by Microsoft and the FBI
Joint operation identified more than 1000 botnets, but operations continue
Thursday 06 June 2013
A joint strike by Microsoft and the FBI, with aid from authorities in more than 80 countries, has begun breaking up the Citadel network - a cybercrime ring responsible for stealing more than $500 million (£323 million) from bank accounts.
The criminals in charge of the Citadel network installed key logging software on up to five million computers to steal data, recording logins and passwords before emptying individuals’ online accounts.
Banks affected by the group’s activities included American Express, Bank of America, HSBC, Wells Fargo, PayPal, and Royal Bank of Canada.
Microsoft describes the internationally-organised assault as “our most aggressive botnet operation to date”, marking the first time that “law enforcement and the private sector have worked together […] to execute a civil seizure warrant as part of a botnet disruption operation.”
During the attack, codenamed Operation b54, more than 1,000 botnets were shut down on Wednesday, with Microsoft stating that 455 of those were hosted in 40 data centres in the US.
Richard Boscovich of the Digital Crimes Unit has said that those who run the data centres are usually unaware of the botnets: “There is no responsibility on their part to see what is in the pipes,” he said.
Reuters reports on the operation warn that it will not extinguish the Citadel group’s activities, but that it will “significantly disrupt” their operation.
Citadel’s operations were started after the source code for an infamous cybercrime toolkit named Zeus was released in 2011. The code available from Zeus offered tools for many forms of cybercrime, from keystroke logging to phishing schemes.
The code was then augmented by enthusiasts and opportunists on cybercrime forums, with Citadel’s tweaks to the toolkit hiding it from programs originally designed to track Zeus. Citadel even blocked victims’ access to legitimate anti-virus and anti-malware sites, making the malicious software more difficult to remove even once victims were alerted to its presence.
Microsoft is also hunting a hacker known by the alias Aquabox, who was named as the ringleader of the operation in a civil lawsuit filed by the company in North Carolina.
Richard Boscovich of the Digital Crimes Unit suspects Aquabox lives in eastern Europe, as the programs operated by the botnet are programmed not to attack institutions in Ukraine or Russia, likely to avoid attracting local attention to the criminals.
Boscovich describes Aquabox’s operation as international in its scope, working with at least 81 “herders” who help to run the botnet from anywhere in the world. Aquabox also operated a forum for his subordinates where they could suggest new tweaks to the software, and exchange tips on managing the computers in their charge.
“Like many of our past operations, this investigation once again revealed how criminals are adapting and evolving,” said Boscovich. “Cooperation is the key to winning the fight against cybercrime, and I’m excited about the opportunity we had to work with law enforcement and the other partners involved.”