FBI Team up with Microsoft to Crush Botnet that Helped Steal $500M

Mike O'Brien

Microsoft announced on Thursday that with the help of the FBI it has taken down more than 1,000 botnets that were used to steal identities and people's banking information.

The malware, known as Citadel, led to losses of more than $500 million and affected over five million people.

Ninety countries were affected but most of the victims were in the U.S., Europe, Hong Kong, Singapore, India, and Australia.

Citadel installed key-logging software on to a computer, which tracked everything a person typed. That allowed the scammers to steal passwords and gain direct access to a PC user's bank account.

Brad Smith, Microsoft general counsel, said in a statement: "The harm done by Citadel shows the threat that botnets, malicious software, and piracy pose to individuals and businesses around the world.

"Today's coordinated action between the private sector and law enforcement demonstrates the power of combined legal and technical expertise and we're going to continue to work together to help put these cybercriminals out of business."

Microsoft said it has been working with the FBI on taking down Citadel since early 2012.

The company has filed suit against those operating the botnet and evidence, including servers, has been seized from data-hosting facilities in New Jersey and Pennsylvania, PCmag.com reports.

FBI executive assistant director Richard McFeely said: "Today's actions represent the future of addressing the significant risks posed to our citizens, businesses, and intellectual property by cyber threats and malicious software, which are often enabled by counterfeit and unlicensed software.

"Creating successful public-private relationships—in which tools, knowledge, and intelligence are shared—is the ultimate key to success in addressing cyber threats and is among the highest priorities of the FBI.

"We must ensure that, as cyber policy is developed, the ability of the private sector to coordinate in real time with the FBI is encouraged so that a multi-prong attack on our cyber adversaries can be as effective as possible."

Cyber crime will be discussed at IDGA’s Cyber Security for Government event in August. For full details go to www.CybersecurityEvent.com