Microsoft’s Digital Crimes Unit, in collaboration with the FBI and
authorities from 80 different countries, has successfully taken down one
of the world’s largest and most nefarious botnets.
The crime ring, called ‘Citadel,’ has allegedly stolen over $500
million from bank accounts around the world in the past 18 months. On
Wednesday, the Digital Crimes Unit eliminated at least 1,000 of the
estimated 1,400 networks active in the Citadel botnets, reports Reuters.
According to Microsoft, Citadel has infected 50 million PCs that
targeted financial institutions including American Express, Bank of
America, Citigroup, Credit Suisse, PayPal, HSBC, JPMorgan Chase, Royal
Bank of Canada and Wells Fargo.
The operators of the botnet are still at large and their identities are
as yet unknown, but this attack on Citadel is sure to greatly hamper their
activities. The FBI is working with international organizations to
track down the criminals, and told Reuters that it has obtained search
warrants as part of the criminal probe.
Microsoft has identified one member of the crime ring who goes by the
alias ‘Aquabox,’ and is being referred to as the ringleader. Microsoft
filed a civil lawsuit in the U.S. District Court in Charlotte, North
Carolina against this ‘John Doe No. 1,’ whom they claim is responsible
for creating and maintaining the botnet.
The investigation has revealed that the Citadel software intentionally
does not target institutions in Ukraine or Russia, suggesting that its
creators are based in those countries and want to avoid provoking the
authorities, Microsoft said.
455 of the 1,000 networks that Microsoft dismantled were located in
U.S. datacenters, while the rest were in countries overseas.