The software giant
teams with the FBI and financial services industry groups to slow down a
cybercrime ring that is allegedly responsible for roughly $500 million in
losses.
Working with the
Federal Bureau of Investigation, Microsoft on Wednesday moved to disrupt a
massive cybercrime ring allegedly responsible for stealing online banking
information and personal identities, leading to more than $500 million in losses.
In what the company
described as its "most
aggressive botnet operation to date," Microsoft acted on a court-ordered
civil seizure warrant from the U.S. District Court for the Western
District of North Carolina to take down 1,462 Citadel botnets. The company
wasn't able to shut down all of the botnets using the Citadel malware.
"However,
we do expect that this action will significantly disrupt Citadel's operation,
helping quickly release victims from the threat and making it riskier and more
costly for the cybercriminals to continue doing business," Richard
Domingues Boscovich, assistant general counsel in Microsoft's Digital Crimes
Unit, wrote in a blog post.
Botnet malware turns
computers into robots that are slaves to servers run by cybercriminals. They
can command PCs to send spam, spread viruses, and attack other servers. In this
case, the Citadel malware monitored and recorded victims' keystrokes, a tactic
known as keylogging. When users accessed their bank accounts online, the
criminals were able to swipe the information needed to access accounts, and
learn details about personal identities. What's more, Citadel blocked access to
anti-virus sites, preventing users from removing the malware.
Microsoft said that
the Citadel malware hit about 5 million people in more than 90 countries. The
biggest infections are in the United States, Europe, Hong Kong, Singapore,
India, and Australia.
Earlier Wednesday,
federal marshals escorted Microsoft officials to two data hosting facilities in
New Jersey and Pennsylvania, where they seized data and evidence from the
botnets. Microsoft also provided information about the botnets' operations to
international Computer Emergency Response Teams, and the FBI also provided
information to foreign law enforcement agencies, in order to shut down the
Citadel operations outside the United States.
The
company also got assistance from the Financial Services - Information Sharing
and Analysis Center, NACHA - The Electronic Payments Association, and the
American Bankers Association in its efforts to disrupt Citadel. (source: cnet)