Individuals and businesses from all over the world are affected by the botnets

Jun 6, 2013 07:29 GMT

US law enforcement has teamed up with the private sector in an effort to disrupt the operations of 1,462 botnets powered by Citadel, the notorious malware designed to steal information that fraudsters can use to illegally access bank accounts.

The Federal Bureau of Investigation, Microsoft, the Financial Services – Information Sharing and Analysis Center (FS-ISAC), NACHA – The Electronic Payments Association, the American Bankers Association (ABA), Agari, A10 Networks and Nominum have taken part in the operation.

According to Microsoft, the Citadel malware has been utilized to steal over $500,000 (€381,000) from individuals and businesses worldwide.

To disrupt the botnets, Microsoft cut off the communications between the botnets and the zombie computers they controlled. Equipment was seized, including computer servers from two US-based data hosting facilities.

“Today’s actions represent the future of addressing the significant risks posed to our citizens, businesses, and intellectual property by cyber threats and malicious software, which are often enabled by counterfeit and unlicensed software,” commented FBI Executive Assistant Director Richard McFeely.

“Creating successful public-private relationships—in which tools, knowledge, and intelligence are shared—is the ultimate key to success in addressing cyber threats and is among the highest priorities of the FBI,” McFeely added.

“We must ensure that, as cyber policy is developed, the ability of the private sector to coordinate in real time with the FBI is encouraged so that a multi-prong attack on our cyber adversaries can be as effective as possible.”

The FBI has been working with foreign law enforcement agencies to disrupt the botnet infrastructure located outside the US.

The takedown of the 1,400 botnets doesn't mean that all Citadel botnets have been eliminated, but their operations have been seriously disrupted.

“Crimes used to happen through stickups, but today criminals use mouse clicks,” said Greg Garcia, a consultant and former Department of Homeland Security cyber official.

“This action aims to stop the ongoing harm of these Citadel botnets against people and businesses worldwide, and you can be assured that we will continue to partner with the public and private sectors to help financial institutions protect our customers from threats like this.”