Source Link:
http://www.redorbit.com/news/technology/1112866573/microsoft-fbi-take-down-500m-botnet-060613/
Microsoft’s Digital Crimes Unit (MDCU) has taken down another large botnet which was responsible for stealing more than $500 million from infected users. Working again with the FBI, the MDCU was able to take down at least 1,000 Citadel botnets, with only another 400 estimated remaining. The botnets have been infecting computers and stealing from bank accounts for the past 18 months. Some 5 million computers were thought to be under the control of these botnets, giving the malicious network access to accounts from American Express, Bank of America, Credit Suisse, PayPal, the Royal Bank of Canada and Wells Fargo.
The criminals responsible for creating and maintaining these botnets have not yet been found, but MDCU spokesman Richard Boscovich said the power of their network has been greatly reduced.
“The bad guys will feel the punch in the gut,” Boscovich told BBC News.
Boscovich also praised the cooperation between his team and the FBI, saying this kind of operation “serves as a real world example of how public-private cooperation can work effectively within the judicial system.”
Microsoft has called this their most aggressive botnet operation to date, and considering the size of the Citadel botnets, it’s easy to understand why. Though they went into the operation understanding they wouldn’t be able to take down every network, they were pleased with the outcome of the attack. Many PC users infected with the Citadel botnet may not have even been aware that they were under attack. The malware used to enlist a machine into the botnet also blocked access to legitimate anti-virus and anti-malware sites, thereby ensuring it would remain safely on the computer.
The MDCU traced the botnet back to piracy, saying the cybercriminals building the malicious network used key generators to unlock outdated copies of Windows XP. These key generators are often used when pirating software or operating systems, producing a digital “key” to unlock the software and fool the servers into believing a legitimate copy is being used. In a blog post, Boscovich took the opportunity to first point out that newer versions of Windows aren’t so easily duped and are able to prevent this type of misuse of product keys.
“This discovery showcases that, in addition to exercising safe online practices like running updated and legitimate software and using firewall and antivirus protection, people also need to use modern versions of Windows software to better prevent malware, fraud and identity theft,” wrote Boscovich.
While the MDCU handled the tech side of the takedown, the FBI is now looking for the parties responsible for building these Citadel botnets, working together with Europol and other global authorities to bring these criminals to justice.
“We are upping the game in our level of commitment in going after botnet creators and distributors,” said Richard McFeely, the FBI’s assistant executive director.
“This is a more concerted effort to engage our foreign partners to assist us in identifying, locating and, if we can, get US criminal process on these botnet creators and distributors.”
This is the seventh botnet takedown executed by the MDCU and the second so far this year. In February, the crimes unit, in tandem with Symantec, brought down the smaller Bamital botnet. This network first enlisted machines, then guided users to malicious sites to steal their banking and other personal information as well as generate fake advertising clicks. The Bamital botnet was estimated to have stolen some $1 million a year from its victims.