Jun 6, 2013

Microsoft & FBI Cooperate to Take Down Large Botnet

In its largest botnet operation so far, the Microsoft Digital Crimes Unit worked with the FBI, as well as with technology companies and financial institutions in 80 countries, to disrupt a massive botnet operation.

The botnet operation, named Citadel, is responsible for stealing approximately half a billion dollars from bank accounts all around the world. Citadel derives from the source code of another large botnet operation, Zeus, which was made available online.

Together, the joint forces took down a network of about 5 million compromised computers, on which scammers had installed keyloggers to steal authentication data for online banking and payment accounts.

Due to the size and complexity of Citadel, the parties do not expect to be able to fully take out all of the botnets in the world currently using the Citadel malware; however, about 1,000 out of over 1,400 are now believed to be down.

In a press release from yesterday, June 5th, Brad Smith, Microsoft general counsel and executive vice president, Legal and Corporate Affairs, said:

"The harm done by Citadel shows the threat that botnets, malicious software, and piracy pose to individuals and businesses around the world. Today’s coordinated action between the private sector and law enforcement demonstrates the power of combined legal and technical expertise and we’re going to continue to work together to help put these cybercriminals out of business."

As cybercriminals, along with the malware they are creating, appear to be getting smarter and more complex by the day, Microsoft recommends using firewall and Internet Security software, as well as making sure that all software used is up to date (F-Secure comes with Software Updater, a built-in tool specifically for this purpose). Microsoft further points out the importance of using modern versions of Windows software to better prevent malware, fraud, and identity theft. In this case, for example, the cybercriminals have taken advantage of fraudulently obtained product keys created by key generators for outdated Windows XP software.