Microsoft reports “freeing” two million computers from the Citadel botnet
Microsoft says that earlier this month the company disrupted the large Citadel botnet, which made it possible “to free” about 2 million computers worldwide. These machines had previously been infected with malicious software and used to steal more than $500 million from bank accounts.
“We definitely liberated more than 2 million PCs worldwide. This is a very conservative estimate,” said Richard Boscovich, Assistant General Counsel for the Microsoft Digital Crimes Unit. “Most of the machines worked in the U.S., Europe and Hong Kong.”
Boscovich said that the “black day” for Citadel came on June 5, when the corporation, with the support of the FBI and law enforcement in 80 countries, shut down the servers that controlled the Citadel network.
Botnets are networks of computers infected with malicious software and controlled by cybercriminals. They are typically used to send spam, spread viruses, attack other computers and servers, and carry out other kinds of illegal IT activity on behalf of the botnet operators.
Boscovich says that the main elements of Citadel are now disabled and the network's performance is significantly impaired. According to him, the botnet comprised about 5 million computers in all, most of them in the United States, Europe, Hong Kong, Singapore, India and Australia. He also noted that the data collected on the network's operators was handed over to the U.S. Supreme Court in the state of North Carolina and to the hosting providers on whose platforms the operators' 1,462 malicious servers ran.
The investigation into Citadel's activity is known to have begun in 2012, when the company's anti-virus division recorded several pieces of spyware and keyloggers working for the Citadel operators. Even then it was clear that Citadel was designed to steal banking credentials and transfer money from bank accounts. Later the network's operators also began selling stolen user data on behalf of other criminals.
In a statement, Microsoft said that several organizations assisted in the operation: the American Bankers Association, the Center for financial data exchange, and others. Nacha, which is responsible for managing the electronic movement of money in the ACH Network banking system, also took part in the operation.