Microsoft Removes 88% of Citadel Botnets, Malware that Affected More than 5 Million People

By: Arici Alexandra

This week Microsoft reported the completion of its Citadel botnet operation. For those unfamiliar with the matter, the tech giant launched an aggressive campaign alongside financial services industry leaders, tech industry partners and the FBI to take down Citadel botnets.

What is a Citadel botnet, you might be wondering? Citadel is one of the most dangerous Trojans in circulation, because it was specifically designed to steal sensitive financial information. Citadel is an offshoot of the better-known Zeus malware and is usually used by cyber criminals looking to extract large sums of money from their victims’ accounts. Citadel can capture the usernames and passwords used in financial transactions, so hackers using the malware hold tremendous power over the victim.

Microsoft’s “most aggressive botnet operation” is a success

Following an operation that kicked off two months ago, Microsoft finally managed to remove 88% of Citadel’s bots from its data centers, which botmasters used to access the sensitive information. Microsoft had to sinkhole a large number of domains that were controlled by botmasters using Citadel. Sinkholing involves monitoring the computers that connect to the sinkhole so that network owners can be alerted to the problem found on their systems.

However, in the end it turned out that not all of the domains Microsoft took over were legitimate targets. Some had been set up as sinkholes by security researchers in an effort to track Citadel’s movements. Microsoft received support from the FBI in this operation because Citadel botnets were apparently spreading without control. More than 1,400 botnets related to Citadel affected more than five million people worldwide. From the TechNet blog post:

“According to our data, as of July 23, our coordinated action against the threat has disrupted roughly 88 percent of the Citadel botnets operating worldwide. In addition, our analysis shows that approximately 40 percent of the computers we believe to have been infected with Citadel and directly impacted by our operation have been cleaned since the time of our action in June, and we continue to work with others to help clean the remaining victims.”

Microsoft has performed operations like these in the past, but this is the first time law enforcement has come into the picture. According to the data, the most infected countries turned out to be Germany, Thailand, Italy, India, Australia and the US. Watch the video below with commentary from Richard Domingues Boscovich, Assistant General Counsel at Microsoft’s Digital Crimes Unit.

[youtube]avF6M5NNLWo[/youtube]

via: TechNet
