$500 million botnet Citadel attacked by Microsoft and the FBI

Joint operation identified more than 1000 botnets, but operations continue

A joint strike by Microsoft and the FBI, with aid from authorities in more than 80 countries, has begun breaking up the Citadel network - a cybercrime ring responsible for stealing more than $500 million (£323 million) from bank accounts.

The criminals in charge of the Citadel network installed key logging software on up to five million computers to steal data, recording logins and passwords before emptying individuals’ online accounts.

Banks affected by the group’s activities included American Express, Bank of America, HSBC, Wells Fargo, PayPal, and Royal Bank of Canada.

Microsoft describes the internationally-organised assault as “our most aggressive botnet operation to date”, marking the first time that “law enforcement and the private sector have worked together […] to execute a civil seizure warrant as part of a botnet disruption operation.”

During the attack, codenamed Operation b54, more than 1,000 botnets were shut down over Wednesday, with Microsoft stating that 455 of those were hosted in 40 data centres in the US.

Richard Bosovich of the Digital Crimes Unit has said that those that run the data centres are usually unaware of the botnets: “There is no responsibility on their part to see what is in the pipes,” he said.

The reports by Reuters on the operation do warn that this operation will not extinguish the operations of the Citadel group, but it will “significantly disrupt” their operation.

Citadel’s operations were started after the source code for an infamous cybercrime toolkit named Zeus was released in 2011. The code available from Zeus offered tools for many forms of cybercrime, from keystroke logging to phishing schemes.

The code was then augmented by enthusiasts and opportunists on cybercrime forums, with Citadel’s tweaks to the toolkit hiding it from programs designed to track Zeus originally. Citadel even blocked victims’ access to legitimate anti-virus and anti-malware sites, making it more difficult to remove the malignant software, even if they were alerted to its presence.

Microsoft is also hunting a hacker known by the alias Aquabox, who was named as the ringleader of the operation in a civil lawsuit filed by the company in North Carolina.

Richard Boscovich of the Digital Crimes Unit suspects Aquabox lives in eastern Europe, as the programs operated by the botnet are programmed not to attack institutions in Ukraine or Russia, likely to avoid attracting local attention to the criminals.

Boscovich describes Aquabox’s operation as international in its scope, working with at least 81 “herders” who help to run the botnet from anywhere in the world. He also operated a forum for his subordinates where they could suggest new tweaks to the software, and exchange tips on managing the computers in their charge.

“Like many of our past operations, this investigation once again revealed how criminals are adapting and evolving,” said Bosovich. “Cooperation is the key to winning the fight against cybercrime, and I’m excited about the opportunity we had to work with law enforcement and the other partners involved.”

Arts and Entertainment
The Doctor and the Dalek meet
tvReview: Doctor Who Into the Dalek more than compensated for last week's nonsensical offering
Arts and Entertainment
books
Sport
Diego Costa
footballEverton 3 Chelsea 6: Diego Costa double has manager purring
Life and Style
3D printed bump keys can access almost any lock
gadgets + techSoftware needs photo of lock and not much more
PROMOTED VIDEO
Life and Style
ebooksA superb mix of recipes serving up the freshest of local produce in a delicious range of styles
Life and Style
ebooksFrom the lifespan of a slug to the distance to the Sun: answers to 500 questions from readers
News
i100
Arts and Entertainment
Inside the gallery at Frederick Bremer School in Walthamstow
tvSimon Usborne goes behind the scenes to watch the latest series
Life and Style
Silvia says of her famous creation: 'I never stopped wearing it. Because I like to wear things when they are off the radar'
fashionThe fashion house celebrated fifteen years of the punchy pouch with a weighty tome
Arts and Entertainment
Gregg Wallace in Summer's Supermarket Secrets
tv All of this year's 15 contestants have now been named
News
i100Steve Carell selling chicken, Tina Fey selling saving accounts and Steve Colbert selling, um...
Life and Style
A picture taken on January 12, 2011 shows sex shops at the Paris district of Pigalle.
newsThe industry's trade body issued the moratorium on Friday
Arts and Entertainment
Could we see Iain back in the Bake Off tent next week?
tv Contestant teased Newsnight viewers on potential reappearance
News
i100
News
The slice of Prince Charles and Princess Diana's wedding cake and the original box from 29 July 1981
newsPiece of Charles and Diana's wedding cake sold at auction in US
Voices
The Ukip leader has consistently refused to be drawn on where he would mount an attempt to secure a parliamentary seat
voicesNigel Farage: Those who predicted we would lose momentum heading into the 2015 election are going to have to think again
Arts and Entertainment
Cara Delevingne made her acting debut in Anna Karenina in 2012
film Cara Delevingne 'in talks' to star in Zoolander sequel
Independent
Travel Shop
the manor
Up to 70% off luxury travel
on city breaks Find out more
santorini
Up to 70% off luxury travel
on chic beach resorts Find out more
sardina foodie
Up to 70% off luxury travel
on country retreats Find out more
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Junior VB.NET Application Developer (ASP.NET, SQL, Graduate)

    £28000 - £30000 per annum + Benefits + Bonus: Harrington Starr: Junior VB.NET ...

    C# .NET Web Developer (ASP.NET, JavaScript, jQuery, XML, XLST)

    £40000 - £50000 per annum + Benefits + Bonus: Harrington Starr: C# .NET Web De...

    C# Algo-Developer (BDD/TDD, ASP.NET, JavaScript, RX)

    £45000 - £69999 per annum + Benefits + Bonus: Harrington Starr: C# Algo-Develo...

    Senior Data Scientist (Data Mining, Apache Mahout, Python,R,AI)

    £60000 - £70000 per annum + Benefits + Bonus: Harrington Starr: Senior Data Sc...

    Day In a Page

    Doctor Who Into the Dalek review: A classic sci-fi adventure with all the spectacle of a blockbuster

    A fresh take on an old foe

    Doctor Who Into the Dalek more than compensated for last week's nonsensical offering
    Ukraine crisis: The phoney war is over as Russian troops and armour pour across the border

    The phoney war is over

    Russian troops and armour pour into Ukraine
    Potatoes could be off the menu as crop pests threaten UK

    Potatoes could be off the menu as crop pests threaten UK

    The world’s entire food system is under attack - and Britain is most at risk, according to a new study
    Gangnam smile: why the Chinese are flocking to South Korea to buy a new face

    Gangnam smile: why the Chinese are flocking to South Korea to buy a new face

    Seoul's plastic surgery industry is booming thanks to the popularity of the K-Pop look
    From Mozart to Orson Welles: Creative geniuses who peaked too soon

    Creative geniuses who peaked too soon

    After the death of Sandy Wilson, 90, who wrote his only hit musical in his twenties, John Walsh wonders what it's like to peak too soon and go on to live a life more ordinary
    Caught in the crossfire of a cyber Cold War

    Caught in the crossfire of a cyber Cold War

    Fears are mounting that Vladimir Putin has instructed hackers to target banks like JP Morgan
    Salomé's feminine wiles have inspired writers, painters and musicians for 2,000 years

    Salomé: A head for seduction

    Salomé's feminine wiles have inspired writers, painters and musicians for 2,000 years. Now audiences can meet the Biblical femme fatale in two new stage and screen projects
    From Bram Stoker to Stanley Kubrick, the British Library's latest exhibition celebrates all things Gothic

    British Library celebrates all things Gothic

    Forthcoming exhibition Terror and Wonder: The Gothic Imagination will be the UK's largest ever celebration of Gothic literature
    The Hard Rock Café's owners are embroiled in a bitter legal dispute - but is the restaurant chain worth fighting for?

    Is the Hard Rock Café worth fighting for?

    The restaurant chain's owners are currently embroiled in a bitter legal dispute
    Caribbean cuisine is becoming increasingly popular in the UK ... and there's more to it than jerk chicken at carnival

    In search of Caribbean soul food

    Caribbean cuisine is becoming increasingly popular in the UK ... and there's more to it than jerk chicken at carnival
    11 best face powders

    11 best face powders

    Sweep away shiny skin with our pick of the best pressed and loose powder bases
    England vs Norway: Roy Hodgson's hands tied by exploding top flight

    Roy Hodgson's hands tied by exploding top flight

    Lack of Englishmen at leading Premier League clubs leaves manager hamstrung
    Angel Di Maria and Cristiano Ronaldo: A tale of two Manchester United No 7s

    Di Maria and Ronaldo: A tale of two Manchester United No 7s

    They both inherited the iconic shirt at Old Trafford, but the £59.7m new boy is joining a club in a very different state
    Israel-Gaza conflict: No victory for Israel despite weeks of death and devastation

    Robert Fisk: No victory for Israel despite weeks of devastation

    Palestinians have won: they are still in Gaza, and Hamas is still there
    Mary Beard writes character reference for Twitter troll who called her a 'slut'

    Unlikely friends: Mary Beard and the troll who called her a ‘filthy old slut’

    The Cambridge University classicist even wrote the student a character reference