Microsoft blocked the Citadel botnet

Posted: June 6, 2013 in IT Security News

In a joint operation, Microsoft and the U.S. FBI have blocked the operation of the Citadel botnet, which specializes in the theft of personal information and bank details.

At the same time, Microsoft warned that, given the size and complexity of Citadel, the operation is unlikely to destroy it completely. The company also pointed out that some other botnets are associated with Citadel and could be affected by the joint operation as well.

Botnets are networks of computers infected with malicious software and controlled by cyber-criminals. As a rule, they are used to send spam, spread viruses, attack other computers and servers, and carry out other types of illegal IT activity for the botnet operators.

As part of Operation b54, more than 1,400 Citadel command hosts were suspended, which together are responsible for the theft of data from more than 500 million end users and businesses around the world. Richard Boscovich, General Counsel, Microsoft Digital Crimes Unit, says that the main elements of Citadel are now out of service and the network's performance is significantly impaired.

According to him, the botnet alone comprised about 5 million computers, most of them in the United States, Europe, Hong Kong, Singapore, India and Australia. He also noted that the data collected on the network's operators was handed over to the U.S. Supreme Court in the state of North Carolina, and that data was also passed to the hosting providers on whose platforms the operators' 1,462 malicious servers ran.

The investigation of Citadel is known to have begun in 2012, when the company's anti-virus division recorded several pieces of spyware and keyloggers working within the framework of the Citadel operators. Even then it was clear that Citadel's owners aimed to steal banking credentials and transfer money from bank accounts. Later the network's operators also began selling stolen user data on behalf of other criminals.

In a statement, Microsoft said that several organizations assisted in the operation: the American Bankers Association, the Center for the exchange of financial data, and others. Nacha, the center responsible for managing the electronic movement of money in the ACH Network banking system, also took part in the operation.

Boscovich wrote that the attackers originally used software that attacked only the outdated Windows XP system, but over time they released versions for Windows 7 and even the new Windows 8.
