$500 million botnet Citadel attacked by Microsoft and the FBI

Joint operation identified more than 1000 botnets, but operations continue

A joint strike by Microsoft and the FBI, with aid from authorities in more than 80 countries, has begun breaking up the Citadel network - a cybercrime ring responsible for stealing more than $500 million (£323 million) from bank accounts.

The criminals in charge of the Citadel network installed key logging software on up to five million computers to steal data, recording logins and passwords before emptying individuals’ online accounts.

Banks affected by the group’s activities included American Express, Bank of America, HSBC, Wells Fargo, PayPal, and Royal Bank of Canada.

Microsoft describes the internationally-organised assault as “our most aggressive botnet operation to date”, marking the first time that “law enforcement and the private sector have worked together […] to execute a civil seizure warrant as part of a botnet disruption operation.”

During the attack, codenamed Operation b54, more than 1,000 botnets were shut down over Wednesday, with Microsoft stating that 455 of those were hosted in 40 data centres in the US.

Richard Bosovich of the Digital Crimes Unit has said that those that run the data centres are usually unaware of the botnets: “There is no responsibility on their part to see what is in the pipes,” he said.

The reports by Reuters on the operation do warn that this operation will not extinguish the operations of the Citadel group, but it will “significantly disrupt” their operation.

Citadel’s operations were started after the source code for an infamous cybercrime toolkit named Zeus was released in 2011. The code available from Zeus offered tools for many forms of cybercrime, from keystroke logging to phishing schemes.

The code was then augmented by enthusiasts and opportunists on cybercrime forums, with Citadel’s tweaks to the toolkit hiding it from programs designed to track Zeus originally. Citadel even blocked victims’ access to legitimate anti-virus and anti-malware sites, making it more difficult to remove the malignant software, even if they were alerted to its presence.

Microsoft is also hunting a hacker known by the alias Aquabox, who was named as the ringleader of the operation in a civil lawsuit filed by the company in North Carolina.

Richard Boscovich of the Digital Crimes Unit suspects Aquabox lives in eastern Europe, as the programs operated by the botnet are programmed not to attack institutions in Ukraine or Russia, likely to avoid attracting local attention to the criminals.

Boscovich describes Aquabox’s operation as international in its scope, working with at least 81 “herders” who help to run the botnet from anywhere in the world. He also operated a forum for his subordinates where they could suggest new tweaks to the software, and exchange tips on managing the computers in their charge.

“Like many of our past operations, this investigation once again revealed how criminals are adapting and evolving,” said Bosovich. “Cooperation is the key to winning the fight against cybercrime, and I’m excited about the opportunity we had to work with law enforcement and the other partners involved.”

Life and Style
ebookNow available in paperback
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: Application Developer

    £20000 - £28000 per annum: Recruitment Genius: Based in the centre of Glasgow,...

    SThree: Trainee Recruitment Consultant - Manchester

    £18000 - £23000 per annum + OTE: SThree: Recruitment and Sales People wanted f...

    Recruitment Genius: Project Manager

    £35000 - £50000 per annum: Recruitment Genius: This global provider of call ce...

    Recruitment Genius: Application Support Engineer - Software

    £18000 - £22000 per annum: Recruitment Genius: A small rapidly expanding IT So...

    Day In a Page

    Blundering Tony Blair quits as Middle East peace envoy – only Israel will miss him

    Blundering Blair quits as Middle East peace envoy – only Israel will miss him

    For Arabs – and for Britons who lost their loved ones in his shambolic war in Iraq – his appointment was an insult, says Robert Fisk
    Fifa corruption arrests: All hail the Feds for riding to football's rescue

    Fifa corruption arrests

    All hail the Feds for riding to football's rescue, says Ian Herbert
    Isis in Syria: The Kurdish enclave still resisting the tyranny of President Assad and militant fighters

    The Kurdish enclave still resisting the tyranny of Assad and Isis

    In Syrian Kurdish cantons along the Turkish border, the progressive aims of the 2011 uprising are being enacted despite the war. Patrick Cockburn returns to Amuda
    How I survived Cambodia's Killing Fields: Acclaimed surgeon SreyRam Kuy celebrates her mother's determination to escape the US

    How I survived Cambodia's Killing Fields

    Acclaimed surgeon SreyRam Kuy celebrates her mother's determination to escape to the US
    Stephen Mangan interview: From posh buffoon to pregnant dad, the actor has quite a range

    How Stephen Mangan got his range

    Posh buffoon, hapless writer, pregnant dad - Mangan is certainly a versatile actor
    The ZX Spectrum has been crowd-funded back into play - with some 21st-century tweaks

    The ZX Spectrum is back

    The ZX Spectrum was the original - and for some players, still the best. David Crookes meets the fans who've kept the games' flames lit
    Grace of Monaco film panned: even the screenwriter pours scorn on biopic starring Nicole Kidman

    Even the screenwriter pours scorn on Grace of Monaco biopic

    The critics had a field day after last year's premiere, but the savaging goes on
    Menstrual Hygiene Day: The strange ideas people used to believe about periods

    Menstrual Hygiene Day: The strange ideas people once had about periods

    If one was missed, vomiting blood was seen as a viable alternative
    The best work perks: From free travel cards to making dreams come true (really)

    The quirks of work perks

    From free travel cards to making dreams come true (really)
    Is bridge the latest twee pastime to get hip?

    Is bridge becoming hip?

    The number of young players has trebled in the past year. Gillian Orr discovers if this old game has new tricks
    Long author-lists on research papers are threatening the academic work system

    The rise of 'hyperauthorship'

    Now that academic papers are written by thousands (yes, thousands) of contributors, it's getting hard to tell workers from shirkers
    The rise of Lego Clubs: How toys are helping children struggling with social interaction to build better relationships

    The rise of Lego Clubs

    How toys are helping children struggling with social interaction to build better relationships
    5 best running glasses

    On your marks: 5 best running glasses

    Whether you’re pounding pavements, parks or hill passes, keep your eyes protected in all weathers
    Joe Root: 'Ben Stokes gives everything – he’s rubbing off on us all'

    'Ben Stokes gives everything – he’s rubbing off on us all'

    Joe Root says the England dressing room is a happy place again – and Stokes is the catalyst
    Raif Badawi: Wife pleads for fresh EU help as Saudi blogger's health worsens

    Please save my husband

    As the health of blogger Raif Badawi worsens in prison, his wife urges EU governments to put pressure on the Saudi Arabian royal family to allow her husband to join his family in Canada