Slashdot Mirror


Microsoft, FBI Takedown Citadel Botnet

hypnosec writes "Microsoft, in collaboration with the FBI, has successfully taken down the Citadel botnet, which was known to control millions of PCs across the globe and was allegedly responsible for bank fraud in excess of $500 million. Citadel was known to have over 1,400 instances across the globe with most located in the US, Europe, India, China, Hong Kong and Singapore. It would install key-logging tools on target systems, which were then used to steal online banking credentials."

2 of 58 comments

  1. Windows update by jader3rd · Score: 4, Interesting

    The FBI should use the C&C servers to force the machines to run Windows Update and clean the machines of the virus. The users obviously don't want to take care of their own machine, and if something goes wrong they'll know that they had a virus.

  2. Re:$500 Million by benyacrick · Score: 4, Interesting

    Exactly! The number refers to Command & Control (C2) servers worldwide. In fact, Citadel has three types of C2 server: Binary for the actual malware, Config for the configuration file (e.g., a list of targets), and Drop for the stolen data.

    Lots of good info at the ZeuS Tracker:
    https://zeustracker.abuse.ch/faq.php