Microsoft and FBI Take Down Citadel Malware Botnet

The Internet is an amazing place. But, increasingly, it's a place filled with peril and pitfalls, particularly if you're hosting something of value. International cybercrime has found itself in the spotlight of late, and now Microsoft is making a concerted effort to help curb it. Microsoft has just announced that it is working in lockstep with leaders in the financial services industry, including the Financial Services – Information Sharing and Analysis Center (FS-ISAC), NACHA – The Electronic Payments Association, the American Bankers Association (ABA), Agari, and other technology industry partners, as well as the Federal Bureau of Investigation. Why?


Glad you asked. It has successfully disrupted more than a thousand botnets that are responsible for stealing people's online banking information and personal identities, and it's looking to do even more. Botnets are networks of compromised computers infected with malicious software that lets cybercriminals, known as botherders, control them. This cooperative action is part of a growing proactive effort by both the public and private sectors to fight cybercrime, help protect people and businesses from online fraud and identity theft, and enhance cloud security for everyone. Here's a bit more detail from inside Microsoft:

"This coordinated disruption resulted from an extensive investigation that Microsoft and its financial services and technology industry partners began in early 2012. After looking into this threat, Microsoft and its partners discovered that once a computer was infected with Citadel malware, that malware began monitoring and recording a victim's keystrokes. This tactic, known as keylogging, provides cybercriminals information to gain direct access to a victim's bank account or any other online account in order to withdraw money or steal personal identities.

This means that when victims are using their computers to access their bank or online accounts, cybercriminals can use the stolen information to quietly pilfer those same accounts as well. Microsoft also found that in addition to being responsible for more than half a billion dollars in losses among people and businesses worldwide, the Citadel malware has affected upwards of five million people, with some of the highest number of infections appearing in the U.S., Europe, Hong Kong, Singapore, India, and Australia. Citadel is a global threat that is believed may have already infected victims in more than ninety countries worldwide since its inception."

Clearly, Microsoft won't stop here. As cybercrime increases, the company seems poised to be on the front line of stopping it. A new era of policing? We might be looking at it.