The ZeuS-derived Citadel botnet, which rose to public prominence last year, is being progressively disabled by Microsoft and the FBI is on the hunt for its masters.
Microsoft says Citadel was used to raid bank accounts around the world and netted more than $US500m. Redmond's Digital Crimes Unit says 1,000 of the estimated 1,400 botnets created by Citadel have now been booted offline.
According to Reuters, institutions hit by the botnet include American Express, Bank of America, Citigroup, Credit Suisse, eBay's PayPal, HSBC, JPMorgan Chase, Royal Bank of Canada and Wells Fargo.
Citadel, whose capabilities include keylogging, emerged after the source code for the infamous ZeuS cybercrime toolkit was leaked in 2011. The combination of freely available source code and forums for virus-writers allowed it to evolve quickly, gaining features such as encrypted malware configuration files and blacklisting of security vendor websites.
Microsoft's post concedes that not all of the botnets have been taken down, but Richard Boscovich of the Digital Crimes Unit believes it will "significantly disrupt Citadel's operation".
Continued: http://www.theregister.co.uk/2013/06/06/microsoft_feds_breach_citadel_botnets/