REDMOND, Wash. (6/7/13)--More than 1,000 of the estimated 1,462 Citadel botnets controlling millions of computers were taken down this week by Microsoft and the Federal Bureau of Investigation in collaboration with a number of groups, Microsoft announced Wednesday.
The Citadel botnets--networks of compromised computers infected by malicious software and controlled by cybercriminals known as botherders--are responsible for more than $500 million in losses among people, businesses, and financial institutions--including credit unions--in 90 countries worldwide. The malware impacted more than five million people, Microsoft said in a press release.
The coordinated effort to take down botnets won't completely eliminate the cybercrime problem, Microsoft said, but it is expected that the loss of so many botnets will "significantly disrupt the botnets' operation, making it riskier and more expensive for cybercriminals to continue doing business."
Disrupting the botnets also allows victims to free their computers from the malware with malware removal or antivirus software to help prevent additional security issues, said Microsoft.
This could mean that credit unions and other financial institutions may see a reprieve in fraudulent activity or a possible decrease in the number of compromised debit and credit cards they reissue because of fraud.
Microsoft also announced it filed a civil suit last week against the cybercriminals operating the Citadel botnets and received authorization from the U.S. District Court for the Western District of North Carolina to simultaneously cut off communication between the botnets and the infected computers. And on Wednesday, Microsoft and U.S. Marshals seized data and evidence from the botnets, including computer servers from two data hosting facilities in New Jersey and Pennsylvania.
This is the second time Microsoft and authorities have worked together to attack a group of botnets. In March of 2012, Microsoft and a coalition of financial industry players coordinated actions against botnets using the Zeus malware to steal from online banking accounts. The company and its partners in the attack filed a civil lawsuit in a federal court in New York against 39 John Does (News Now March 28, 2012).
In this week's attack on the botnets, the FBI provided information to foreign law enforcement counterparts so they could take voluntary action against the botnet structure outside the U.S.
"Today's coordinated action between the private sector and law enforcement demonstrates the power of combined legal and technical expertise and we're going to continue to work together to help put these cybercriminals out of business," said Brad Smith, Microsoft general counsel and executive vice president, legal and corporate affairs.
Other groups involved in the collaborative effort include the Financial Services--Information Sharing and Analysis Center (FS-ISAC), NACHA--The Electronic Payments Association, the American Bankers Association, and several technology industry groups.