Microsoft and FBI disrupt Global Cyber Crime Ring

The Microsoft Digital Crimes Unit, with help from the FBI and 80 authorities from across the world, on Wednesday cut off the servers controlling as many as 5 million infected PCs that belonged to the Citadel cyber crime operation. The Citadel botnets were one of the biggest cyber crime rings, allegedly responsible for stealing more than $500 million from bank accounts by way of more than 5 million infected computers over the past 18 months.


The network was made up of at least 1,400 botnets, armies of infected computers that hackers use to exfiltrate data, attack other computers and commit other types of cybercrime. Microsoft took down more than 1,000 of them; the company later claimed that it had taken down more than 1,400.

“The bad guys will feel the punch in the gut,” Richard Boscovich, a spokesman for Microsoft’s digital crimes unit, told Reuters.

The “bad guys” behind Citadel, however, are still unknown. The coordinated takedown, while it didn’t completely shut down the infrastructure, has at least significantly disrupted it. This marked the first time a private company and law enforcement agencies have collaborated to take down a global cyber ring like the Citadel botnets.

Authorities believe the hackers behind Citadel reside in Eastern Europe. In fact, the Citadel software is programmed so it will not attack PCs or financial institutions in Ukraine or Russia, likely because the creators operate in those countries and want to avoid provoking law enforcement officials there, Microsoft said. Their ringleader allegedly goes by the name of Aquabox and works with at least 81 other conspirators.

The Citadel malware was mainly spread via pirated versions of Microsoft Windows. Once the virus infected a computer, it stole banking credentials and used them to siphon money from some of the world’s largest banking institutions, like Bank of America, HSBC and Wells Fargo, and other financial companies such as PayPal or American Express.

The botnets were mainly located within the United States, but also in Western Europe, Hong Kong, India and Australia.

Read more:
http://mashable.com/2013/06/06/microsoft-fbi-botnets/