A massive cybercrime ring that was stealing online banking information and personal identities is now broken up.
More than one thousand botnets, believed to be responsible for over $500 million in financial fraud and affecting more than five million people in 90 countries, ended up eliminated by the operation. The investigation and ensuing breakup of the ring came at the hands of Microsoft, the FBI, Agari, financial services industry players FS-ISAC, NACHA, and some other industry partners.
The investigation culminated June 5 with the seizure of key servers at two data hosting facilities in New Jersey and Pennsylvania, along with valuable data and evidence from the botnets.
Deemed as “one of the most highly sophisticated and organized cybercrime rings in existence today,” the cybercriminals employed more than one thousand botnets to infect computers with Citadel malware.
Once infected, the victim’s keystrokes ended up monitored and recorded, providing access to banking and other financial accounts leading to the theft of money and other personal information. As part of the FBI operation, investigators cut off communication between 1,462 Citadel botnets and the millions of infected computers under their control.
“While we certainly celebrate today’s victory, we are once again reminded just how advanced these types of attacks have become and how potentially costly and damaging they truly are,” said Bill Nelson from FS-ISAC. “It underscores the need to be proactive in the ongoing battle against cybercriminals and to work together with partners like Agari to protect businesses and customers alike.”
Due to the size and complexity of the operation, the botnet threat is not completely gone, but there has been a significant disruption, providing an opportunity to eliminate the malware from infected computers.
Microsoft is working with Internet Service Providers and Computer Emergency Response Teams worldwide to quickly notify people with infected computers.