Microsoft engages cybergang that stole $500 million

Microsoft has orchestrated the bust-up of another top-tier botnet operation.
These bad guys, operators of the sprawling Citadel botnet, make the fictional band of sophisticated thieves from the movie Ocean's 11 look like amateurs. Authorities estimate they've scored more than $500 million from banks in the United States and abroad by accessing online accounts and rerouting funds.
The software giant and the FBI, working with law enforcement and tech officials from some 80 countries, knocked out 1,000 of the 1,400 Citadel botnets.
A botnet is a collection of hundreds to thousands of infected PCs that respond to commands routed through a command-and-control server, which is also an infected PC.
The bad guys running Citadel commanded as many as 5 million infected PCs, making Citadel one of the biggest botnet operations. Botnets are the engines that drive cybercrime. They fuel spam, denial of service attacks and cyberespionage. And they are used in big operations, like Citadel, to systematically hijack online financial accounts.
Citadel botnets supplied the computing power to steal from American Express, Bank of America, Citigroup, Credit Suisse, eBay's PayPal, HSBC, JPMorgan Chase, Royal Bank of Canada and Wells Fargo, among dozens of others.
The civil lawsuit Microsoft filed in the U.S. District Court in Charlotte, North Carolina identifies the ringleader as John Doe No. 1, aka Aquabox.
Investigators believe Aquabox is based somewhere in Europe and directs at least 81 helpers who run the botnets.
Because Citadel is programmed to leave online banking accounts in the Ukraine or Russia alone, it's likely the gang members are based there.
Microsoft deserves credit for developing a process that respects laws and encourages law enforcement co-operation across multiple borders. That includes co-ordinating with ISPs and hosting services to identify and cripple active botnets.
The company has done this twice before, with the takedowns and related civil prosecutions of operatives involved in the Rustock botnet in 2011 and the Waledac botnet in 2010.
The criminals remain at large. And sophisticated botnets will continue to function as the robust infrastructure enabling cybercrime. But the Citadel take-down, nonetheless, is one for the good guys. Microsoft's work in this arena serves notice that impunity is not absolute for cybercriminals.
"The bad guys will feel the punch in the gut," Richard Domingues Boscovich, assistant general counsel with Microsoft's Digital Crimes Unit, told Reuters.
The FBI told Reuters it is working closely with Europol and has obtained search warrants.
"We are upping the game in our level of commitment in going after botnet creators and distributors," FBI Assistant Executive Director Richard McFeely said in a Reuters interview.
"This is a more concerted effort to engage our foreign partners to assist us in identifying, locating and - if we can - get U.S. criminal process on these botnet creators and distributors."

