$500 million botnet Citadel attacked by Microsoft and the FBI

Joint operation identified more than 1000 botnets, but operations continue

A joint strike by Microsoft and the FBI, with aid from authorities in more than 80 countries, has begun breaking up the Citadel network - a cybercrime ring responsible for stealing more than $500 million (£323 million) from bank accounts.

The criminals in charge of the Citadel network installed key logging software on up to five million computers to steal data, recording logins and passwords before emptying individuals’ online accounts.

Banks affected by the group’s activities included American Express, Bank of America, HSBC, Wells Fargo, PayPal, and Royal Bank of Canada.

Microsoft describes the internationally-organised assault as “our most aggressive botnet operation to date”, marking the first time that “law enforcement and the private sector have worked together […] to execute a civil seizure warrant as part of a botnet disruption operation.”

During the attack, codenamed Operation b54, more than 1,000 botnets were shut down over Wednesday, with Microsoft stating that 455 of those were hosted in 40 data centres in the US.

Richard Bosovich of the Digital Crimes Unit has said that those that run the data centres are usually unaware of the botnets: “There is no responsibility on their part to see what is in the pipes,” he said.

The reports by Reuters on the operation do warn that this operation will not extinguish the operations of the Citadel group, but it will “significantly disrupt” their operation.

Citadel’s operations were started after the source code for an infamous cybercrime toolkit named Zeus was released in 2011. The code available from Zeus offered tools for many forms of cybercrime, from keystroke logging to phishing schemes.

The code was then augmented by enthusiasts and opportunists on cybercrime forums, with Citadel’s tweaks to the toolkit hiding it from programs designed to track Zeus originally. Citadel even blocked victims’ access to legitimate anti-virus and anti-malware sites, making it more difficult to remove the malignant software, even if they were alerted to its presence.

Microsoft is also hunting a hacker known by the alias Aquabox, who was named as the ringleader of the operation in a civil lawsuit filed by the company in North Carolina.

Richard Boscovich of the Digital Crimes Unit suspects Aquabox lives in eastern Europe, as the programs operated by the botnet are programmed not to attack institutions in Ukraine or Russia, likely to avoid attracting local attention to the criminals.

Boscovich describes Aquabox’s operation as international in its scope, working with at least 81 “herders” who help to run the botnet from anywhere in the world. He also operated a forum for his subordinates where they could suggest new tweaks to the software, and exchange tips on managing the computers in their charge.

“Like many of our past operations, this investigation once again revealed how criminals are adapting and evolving,” said Bosovich. “Cooperation is the key to winning the fight against cybercrime, and I’m excited about the opportunity we had to work with law enforcement and the other partners involved.”

Sport
England's women celebrate after their 3rd place play-off win against Germany
Women's World CupFara Williams converts penalty to secure victory and bronze medals
Arts and Entertainment
Ricardo by Edward Sutcliffe, 2014
artPortraits of LA cricketers from notorious suburb go on display
News
newsHillary Clinton comments on viral Humans of New York photo of gay teenager
Arts and Entertainment
The gang rape scene in the Royal Opera’s production of Gioachino Rossini’s Guillaume Tell has caused huge controversy
music
Life and Style
ebookNow available in paperback
ebooks
ebookA delicious collection of 50 meaty main courses
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: Support and Development Engineer

    £20000 per annum: Recruitment Genius: The leading provider of Employee Managem...

    Recruitment Genius: Creative Designer

    £15000 - £25000 per annum: Recruitment Genius: This Kent based design consulta...

    Recruitment Genius: IT Gazetteer Consultant

    £25000 - £34000 per annum: Recruitment Genius: Are you looking to work for an ...

    Recruitment Genius: Regional Support Manager

    Negotiable: Recruitment Genius: This role's responsibility also include operat...

    Day In a Page

    The Greek referendum exposes a gaping hole at the heart of the European Union – its distinct lack of any genuine popular legitimacy

    Gaping hole at the heart of the European Union

    Treatment of Greece has shown up a lack of genuine legitimacy
    Number of young homeless in Britain 'more than three times the official figures'

    'Everything changed when I went to the hostel'

    Number of young homeless people in Britain is 'more than three times the official figures'
    Compton Cricket Club

    Compton Cricket Club

    Portraits of LA cricketers from notorious suburb to be displayed in London
    London now the global money-laundering centre for the drug trade, says crime expert

    Wlecome to London, drug money-laundering centre for the world

    'Mexico is its heart and London is its head'
    The Buddhist temple minutes from Centre Court that helps a winner keep on winning

    The Buddhist temple minutes from Centre Court

    It helps a winner keep on winning
    Is this the future of flying: battery-powered planes made of plastic, and without flight decks?

    Is this the future of flying?

    Battery-powered planes made of plastic, and without flight decks
    Isis are barbarians – but the Caliphate is a dream at the heart of all Muslim traditions

    Isis are barbarians

    but the Caliphate is an ancient Muslim ideal
    The Brink's-Mat curse strikes again: three tons of stolen gold that brought only grief

    Curse of Brink's Mat strikes again

    Death of John 'Goldfinger' Palmer the latest killing related to 1983 heist
    Greece debt crisis: 'The ministers talk to us about miracles' – why Greeks are cynical ahead of the bailout referendum

    'The ministers talk to us about miracles'

    Why Greeks are cynical ahead of the bailout referendum
    Call of the wild: How science is learning to decode the way animals communicate

    Call of the wild

    How science is learning to decode the way animals communicate
    Greece debt crisis: What happened to democracy when it’s a case of 'Vote Yes or else'?

    'The economic collapse has happened. What is at risk now is democracy...'

    If it doesn’t work in Europe, how is it supposed to work in India or the Middle East, asks Robert Fisk
    The science of swearing: What lies behind the use of four-letter words?

    The science of swearing

    What lies behind the use of four-letter words?
    The Real Stories of Migrant Britain: Clive fled from Zimbabwe - now it won't have him back

    The Real Stories of Migrant Britain

    Clive fled from Zimbabwe - now it won’t have him back
    Africa on the menu: Three foodie friends want to popularise dishes from the continent

    Africa on the menu

    Three foodie friends want to popularise dishes from the hot new continent
    Donna Karan is stepping down after 30 years - so who will fill the DKNY creator's boots?

    Who will fill Donna Karan's boots?

    The designer is stepping down as Chief Designer of DKNY after 30 years. Alexander Fury looks back at the career of 'America's Chanel'