June 6th, 2013, 20:44 PM
Microsoft, FBI Take Down 'Citadel' Botnet Targeting Bank Info
Microsoft today announced that, in coordination with the FBI, it has disrupted more than 1,000 botnets used to steal people's banking information and identities.
The malware, dubbed Citadel, resulted in losses of more than $500 million and affected more than 5 million people.
Most of those affected were located in the U.S., Europe, Hong Kong, Singapore, India, and Australia, but Microsoft has found evidence of Citadel in more than 90 countries.
Citadel installed key-logging software onto a computer, which tracked everything a person typed. That allowed the scammers to steal passwords and gain direct access to a PC user's bank account.
"The harm done by Citadel shows the threat that botnets, malicious software, and piracy pose to individuals and businesses around the world," Brad Smith, Microsoft general counsel, said in a statement. "Today's coordinated action between the private sector and law enforcement demonstrates the power of combined legal and technical expertise and we're going to continue to work together to help put these cybercriminals out of business."
Microsoft has been working with the FBI on taking down Citadel since early 2012. Last week, it filed suit against those operating the botnet and received authorization from a North Carolina district court to shut down communication between 1,462 Citadel botnets and the millions of computers under their control.
Redmond also seized evidence, including servers, from data-hosting facilities in New Jersey and Pennsylvania. Microsoft and the FBI are in contact with Computer Emergency Response Teams (CERTs) so they can address botnet activity overseas.