Microsoft Removes 88% of Citadel Botnets, Malware that Affected More than 5 Million People

By: Arici Alexandra

This week we have seen Microsoft report the finalization of the Citadel botnet operation. For those unfamiliar with the matter, the tech giant launched an aggressive campaign alongside financial services industry leaders, tech industry partners and the FBI itself in order to take down Citadel botnets.

What is a Citadel botnet, you might be wondering? Citadel is one of the most dangerous Trojans in the wild, because it has been specifically designed to steal sensitive financial information. Citadel is an offshoot of the better-known Zeus malware and is usually used by cyber criminals looking to extract large sums of money from their victims’ accounts. Citadel can capture the usernames and passwords used in financial transactions, so hackers using the malware would hold tremendous power over the victim.


Microsoft’s “most aggressive botnet operation” is a success

Following an operation that kicked off two months ago, Microsoft finally managed to remove 88% of Citadel’s bots from its data centers, which were used by botmasters to access the sensitive information. Microsoft had to sinkhole many domains that were under the control of botmasters using Citadel. Sinkholing involves monitoring the computers that connect to the sinkhole so that the network owners can be alerted to the problem found on their systems.

However, in the end it turned out that not everything Microsoft took down was malicious: some of it consisted of sinkholes set up by security researchers in an effort to track Citadel’s movements. Microsoft received support from the FBI in this important operation because Citadel botnets were apparently spreading without control. More than 1,400 botnets related to Citadel affected more than five million people worldwide. From the TechNet blog post:

According to our data, as of July 23, our coordinated action against the threat has disrupted roughly 88 percent of the Citadel botnets operating worldwide. In addition, our analysis shows that approximately 40 percent of the computers we believe to have been infected with Citadel and directly impacted by our operation have been cleaned since the time of our action in June, and we continue to work with others to help clean the remaining victims

Microsoft has performed operations like these in the past, but this is the first time law enforcement comes into the picture. According to the data, the most infected countries turned out to be Germany, Thailand, Italy, India, Australia and the US. Watch the video below with commentary from Richard Domingues Boscovich, Assistant General Counsel at Microsoft’s Digital Crimes Unit.

[youtube]avF6M5NNLWo[/youtube]

via: TechNet
