In a coordinated operation, federal authorities, the Microsoft “Digital Crimes Unit” and several other organizations have launched a major offensive against a cybercrime ring responsible for stealing $500 million in the last 18 months.
According to a Microsoft press release, the effort shut down 1,000 of the approximately 1,400 Citadel botnets responsible for infecting unsuspecting computers. Of the 1,000 botnets shut down on Wednesday, 455 were hosted in the United States. Citadel infected up to 5 million individual computers.
Botnets are networks of computers that have been infected with bots, programs that run automatically without the knowledge of the computer’s owner. When an infected computer goes online, it becomes part of the network and can be used by malicious individuals to commit cybercrimes. Common cybercrimes include web spamming, financial theft and sending viruses.
Computers infected with Citadel malware were used to steal from a variety of financial institutions, including Bank of America, Citigroup, American Express, eBay’s PayPal, JPMorgan Chase and Wells Fargo, according to Reuters.
“Crimes used to happen through stickups, but today criminals use mouse clicks,” said Greg Garcia, former Department of Homeland Security cyber official and spokesperson for financial industry associations. “This action aims to stop the ongoing harm of these Citadel botnets against people and businesses worldwide.”
On June 5, 2013, Microsoft seized data from botnets, including two computer servers at facilities in Pennsylvania and New Jersey. It will use this evidence in a civil lawsuit recently filed in the U.S. District Court in Charlotte, North Carolina, against John Doe No. 1, according to Reuters. In an effort to combat global cybercrime, Microsoft released information about botnets to international Computer Emergency Response Teams (CERTs).
While the true identity of the ringleader of the Citadel attacks remains unknown, he or she goes by the alias Aquabox, and Reuters reports that the culprit likely lives in Russia or Ukraine.
The culprit’s international location does not prevent him or her from wreaking havoc on US citizens. According to the Internet Crime Complaint Center’s (IC3) 2012 Internet Crime Report, the IC3 received 289,874 complaints, which is an 8.3 percent increase from what it received in 2011. Of those filing complaints, 114,908 reported losses with an average of $4,573 per complaint.