Microsoft, the FBI and members of the financial services industry say they have disrupted a cybercrime network that is responsible for over half a billion dollars in fraud.
Microsoft announced today that, in cooperation with the U.S. financial services industry and leaders including the Financial Services Information Sharing and Analysis Center (FS-ISAC), NACHA -- The Electronic Payments Association, and the American Bankers Association (ABA), a network accounting for over a thousand botnets has been disrupted.
In conjunction with other technology firms and the Federal Bureau of Investigation (FBI), the Redmond giant says the investigative team was able to discover and take down a botnet system which is responsible for stealing people's online banking information and personal identities.
Botnets are compromised computer networks which, once infected with malicious software, can be controlled by cybercriminals and used to complete tasks including data theft and the disruption of online services.
An investigation began in 2012 into malware dubbed Citadel. Citadel, based on Zeus source code, is designed to steal personal information including banking details and can inject malicious code such as ransomware into a compromised computer. Able to record keystrokes, Citadel's keylogging activities allow hackers to gain access to online accounts or steal personal identities.
Microsoft found that Citadel is responsible for the loss of more than half a billion dollars by individuals and businesses worldwide. Upwards of five million computers have been affected, with some of the highest numbers of infections appearing in the U.S., Europe, Hong Kong, Singapore, India, and Australia.
Citadel is believed to be present in over 90 countries.
"The harm done by Citadel shows the threat that botnets, malicious software, and piracy pose to individuals and businesses around the world," said Brad Smith, Microsoft general counsel and executive vice president, Legal and Corporate Affairs. "Today's coordinated action between the private sector and law enforcement demonstrates the power of combined legal and technical expertise and we're going to continue to work together to help put these cybercriminals out of business."
The tech giant has filed a civil suit against cybercriminals operating the botnet scheme, and has also received the approval of the U.S. District Court for the Western District of North Carolina to cut off communication between 1,462 Citadel botnets and infected computers under their control.
"Financial crimes used to happen through stickups, but today criminals use mouse clicks," said Greg Garcia, a consultant and former Department of Homeland Security cyber official. "This action aims to stop the ongoing harm of these Citadel botnets against people and businesses worldwide, and you can be assured that we will continue to partner with the public and private sectors to help financial institutions protect our customers from threats like this."
Due to the size of the cybercrime ring, Redmond does not expect to fully eliminate all of the botnets using Citadel, but hopes that operations will now be severely disrupted.