Microsoft Corp (NASDAQ:MSFT) and the U.S. Federal Bureau of Investigation are teaming up to take down the Citadel Botnets, one of the world’s biggest cyber crime rings, Reuters reported Wednesday. Over the past 18 months, Citadel is believed to have stolen more than $500 million from bank accounts, but this new “internationally coordinated take-down” effort reflects promising progress toward shutting down the criminals’ capabilities.
Microsoft has been involved in seven efforts to attack botnets since 2010, but it only contacted the FBI about two weeks ago, explaining that it had done significant work on a criminal probe into the botnets but needed additional help. Once that help arrived, Microsoft’s efforts paid off. Its Digital Crimes Unit “successfully took down at least 1,000 of an estimated 1,400 malicious computer networks” on Wednesday. Microsoft and the FBI are now also working with law enforcement and other organizations in over 10 countries worldwide.
Authorities do not know the identity of any of Citadel Botnet’s ringleaders, but the person accused of creating and maintaining the botnet is known as John Doe No. 1, who goes by the alias Aquabox. He or she is believed to be the mastermind behind the operation of botnets and is the subject of the complaint that Microsoft filed in the U.S. District Court in Charlotte, North Carolina. The civil lawsuit allowed Microsoft to obtain a court order to shut down the botnets.
According to Reuters, these botnets are armies of infected personal computers, “which run software forcing them to regularly check in with and obey ‘command and control’ servers operated by hackers.” Citadel, one of the biggest such operations today, has affected PCs in the US, Western Europe, Hong Kong, India, and Australia. Interestingly, its software won’t attack PCs or financial institutions in Ukraine or Russia, leading authorities to believe that its creators operate in those countries. Investigators believe that Aquabox lives in eastern Europe, but his “herders” live throughout the world.
The FBI has obtained search warrants and worked with overseas authorities to help it identify and capture the criminals, preventing the future seizure of money from banks in the US and abroad. As noted above, Citadel is believed to have already stolen more than $500 million. While banks typically reimburse victims, business customers may soon have to absorb the losses should they continue. Any progress in cutting down the number of active Citadel Botnets can help reduce future losses by banks and their customers.