Thursday, January 27, 2022

Microsoft Takes down around 1,400 Citadel Botnets

Microsoft and the FBI, assisted by authorities in more than 80 nations, on June 5 took down 1,400 malicious computer networks, known as botnets, specifically Citadel botnets, by severing their access to infected machines. Microsoft’s Digital Crimes Unit is working with its partners overseas to find out exactly how many of the Citadel botnets are still operational.

The botnets need to be run from command and control (C&C) servers, which are located at data centers around the world.

These servers were utilized to steal from hundreds of financial organisations, according to court documents that Microsoft filed to get permission to shut down hosts in the United States that were being used to run the operation.

The ringleader, who goes by the alias Aquabox, and dozens of botnet operators remain at large, and the authorities are working to uncover their identities. Richard Domingues Boscovich, assistant general counsel with Microsoft’s Digital Crimes Unit, said he suspects Aquabox is in Eastern Europe.

Data center owners usually are not aware that their servers are being used to run these networks.

The ring targeted firms of all sizes, from tiny credit unions to global banks such as Bank of America, Credit Suisse and Royal Bank of Canada.

Citadel is among the largest operational botnets today. Microsoft stated its programmer packed the software with pirated versions of the Windows operating system.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.
