$500 million botnet Citadel attacked by Microsoft and the FBI

Joint operation identified more than 1000 botnets, but operations continue

A joint strike by Microsoft and the FBI, with aid from authorities in more than 80 countries, has begun breaking up the Citadel network - a cybercrime ring responsible for stealing more than $500 million (£323 million) from bank accounts.

The criminals in charge of the Citadel network installed key logging software on up to five million computers to steal data, recording logins and passwords before emptying individuals’ online accounts.

Banks affected by the group’s activities included American Express, Bank of America, HSBC, Wells Fargo, PayPal, and Royal Bank of Canada.

Microsoft describes the internationally-organised assault as “our most aggressive botnet operation to date”, marking the first time that “law enforcement and the private sector have worked together […] to execute a civil seizure warrant as part of a botnet disruption operation.”

During the attack, codenamed Operation b54, more than 1,000 botnets were shut down over Wednesday, with Microsoft stating that 455 of those were hosted in 40 data centres in the US.

Richard Bosovich of the Digital Crimes Unit has said that those that run the data centres are usually unaware of the botnets: “There is no responsibility on their part to see what is in the pipes,” he said.

The reports by Reuters on the operation do warn that this operation will not extinguish the operations of the Citadel group, but it will “significantly disrupt” their operation.

Citadel’s operations were started after the source code for an infamous cybercrime toolkit named Zeus was released in 2011. The code available from Zeus offered tools for many forms of cybercrime, from keystroke logging to phishing schemes.

The code was then augmented by enthusiasts and opportunists on cybercrime forums, with Citadel’s tweaks to the toolkit hiding it from programs designed to track Zeus originally. Citadel even blocked victims’ access to legitimate anti-virus and anti-malware sites, making it more difficult to remove the malignant software, even if they were alerted to its presence.

Microsoft is also hunting a hacker known by the alias Aquabox, who was named as the ringleader of the operation in a civil lawsuit filed by the company in North Carolina.

Richard Boscovich of the Digital Crimes Unit suspects Aquabox lives in eastern Europe, as the programs operated by the botnet are programmed not to attack institutions in Ukraine or Russia, likely to avoid attracting local attention to the criminals.

Boscovich describes Aquabox’s operation as international in its scope, working with at least 81 “herders” who help to run the botnet from anywhere in the world. He also operated a forum for his subordinates where they could suggest new tweaks to the software, and exchange tips on managing the computers in their charge.

“Like many of our past operations, this investigation once again revealed how criminals are adapting and evolving,” said Bosovich. “Cooperation is the key to winning the fight against cybercrime, and I’m excited about the opportunity we had to work with law enforcement and the other partners involved.”

Sport
sportWWE latest including Sting vs Triple H, Brock Lesnar vs Roman Reigns and The Undertaker vs Bray Wyatt
Arts and Entertainment
Louis Theroux: By Reason of Insanity takes him behind the bars again
tvBy Reason of Insanity, TV review
Arts and Entertainment
Cassetteboy's latest video is called Emperor's New Clothes rap
videoThe political parody genius duo strike again with new video
Arts and Entertainment
tvPoldark, TV review
Life and Style
ebookNow available in paperback
ebooks
ebookPart of The Independent’s new eBook series The Great Composers
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: Junior Web Designer - Client Liaison

    £6 per hour: Recruitment Genius: This is an exciting opportunity to join a gro...

    Recruitment Genius: Service Delivery Manager

    Negotiable: Recruitment Genius: A Service Delivery Manager is required to join...

    Recruitment Genius: IT Infrastructure Engineer

    £30000 - £40000 per annum: Recruitment Genius: Our client is looking to find a...

    Recruitment Genius: IT Engineer

    £21000 - £23600 per annum: Recruitment Genius: An exciting opportunity to join...

    Day In a Page

    No postcode? No vote

    Floating voters

    How living on a houseboat meant I didn't officially 'exist'
    Louis Theroux's affable Englishman routine begins to wear thin

    By Reason of Insanity

    Louis Theroux's affable Englishman routine begins to wear thin
    Power dressing is back – but no shoulderpads!

    Power dressing is back

    But banish all thoughts of Eighties shoulderpads
    Spanish stone-age cave paintings 'under threat' after being re-opened to the public

    Spanish stone-age cave paintings in Altamira 'under threat'

    Caves were re-opened to the public
    'I was the bookies’ favourite to be first to leave the Cabinet'

    Vince Cable interview

    'I was the bookies’ favourite to be first to leave the Cabinet'
    Election 2015: How many of the Government's coalition agreement promises have been kept?

    Promises, promises

    But how many coalition agreement pledges have been kept?
    The Gaza fisherman who built his own reef - and was shot dead there by an Israeli gunboat

    The death of a Gaza fisherman

    He built his own reef, and was fatally shot there by an Israeli gunboat
    Saudi Arabia's airstrikes in Yemen are fuelling the Gulf's fire

    Saudi airstrikes are fuelling the Gulf's fire

    Arab intervention in Yemen risks entrenching Sunni-Shia divide and handing a victory to Isis, says Patrick Cockburn
    Zayn Malik's departure from One Direction shows the perils of fame in the age of social media

    The only direction Zayn could go

    We wince at the anguish of One Direction's fans, but Malik's departure shows the perils of fame in the age of social media
    Young Magician of the Year 2015: Meet the schoolgirl from Newcastle who has her heart set on being the competition's first female winner

    Spells like teen spirit

    A 16-year-old from Newcastle has set her heart on being the first female to win Young Magician of the Year. Jonathan Owen meets her
    Jonathan Anderson: If fashion is a cycle, this young man knows just how to ride it

    If fashion is a cycle, this young man knows just how to ride it

    British designer Jonathan Anderson is putting his stamp on venerable house Loewe
    Number plates scheme could provide a licence to offend in the land of the free

    Licence to offend in the land of the free

    Cash-strapped states have hit on a way of making money out of drivers that may be in collision with the First Amendment, says Rupert Cornwell
    From farm to fork: Meet the Cornish fishermen, vegetable-growers and butchers causing a stir in London's top restaurants

    From farm to fork in Cornwall

    One man is bringing together Cornwall's most accomplished growers, fishermen and butchers with London's best chefs to put the finest, freshest produce on the plates of some of the country’s best restaurants
    Robert Parker interview: The world's top wine critic on tasting 10,000 bottles a year, absurd drinking notes and New World wannabes

    Robert Parker interview

    The world's top wine critic on tasting 10,000 bottles a year, absurd drinking notes and New World wannabes
    Don't believe the stereotype - or should you?

    Don't believe the stereotype - or should you?

    We exaggerate regional traits and turn them into jokes - and those on the receiving end are in on it too, says DJ Taylor