October 27, 2016

Microsoft disrupts half billion dollar Citadel botnet

(LiveHacking.Com) – Microsoft’s Digital Crimes Unit, together with the FBI and several different financial services companies, has disrupted more than 1,400 Citadel botnets that were responsible for over half a billion dollars in losses to individuals and businesses worldwide.

The massive cybercrime operation was responsible for stealing people’s online banking information and personal identities. Citadel used a remotely installed keylogging program to steal data from about five million machines. Money was then stolen as the criminals used the usernames and passwords to illegally enter online bank accounts. No particular bank was targeted, and cash was taken from well-known institutions including American Express, Bank of America, PayPal, HSBC, Royal Bank of Canada and Wells Fargo.

Microsoft outlined how Citadel used PCs bundled with pirated versions of Windows to pre-infect PCs. “We also found that cybercriminals are using fraudulently obtained product keys created by key generators for outdated Windows XP software to develop their malware and grow their business, demonstrating another link between software piracy and global cybersecurity threats,” said Richard Domingues Boscovich, Assistant General Counsel, Microsoft Digital Crimes Unit.

To avoid detection, Citadel blocked victims’ access to many legitimate anti-virus/anti-malware sites, which meant that they could not easily remove the threat from their PCs. As part of the disruptive action, Microsoft has restored access to these previously blocked sites.