FBI And Microsoft Defeat Citadel Trojan Botnets

The FBI and Microsoft have brought down over 1,000 Citadel Trojan botnets. They are responsible for the theft of personal online banking identity data, according to a statement by global online payment platform Payza, released last week.

The Citadel Trojan is a banking Trojan botnet that has infected over five million computers globally and is believed to have stolen more than $500 million from financial institutions.

A week earlier, Microsoft announced it had closed down around 70% of the 1,400 networks that the Citadel Trojan botnet had comprised. The significant take-down operation involved police forces in more than 80 countries in Western Europe, the United States, Asia and Australia, where the infected computers were found. According to the software giant, amongst the affected financial institutions are American Express, Bank of America, Citigroup, Credit Suisse, eBay’s PayPal, HSBC, JPMorgan Chase, Royal Bank of Canada and Wells Fargo.

Greg Garcia, former US Department of Homeland Security cyber official, who spoke for financial industry associations, said that nowadays crimes can take place through a click of a mouse. He added that the operation’s goal was to stop the Citadel Trojan botnet and prevent future damages to companies and citizens globally.

The investigation was launched in early 2012 and led Microsoft and its partners to the fraudulent software, named Citadel, which monitors keystrokes on infected computers, then sends the data, including passwords and account names, to hackers.

The chief technology officer of Payza, Ali Nizameddine, commented that having advanced security measures is not enough, saying that education is the key to keeping platforms secure and the clients’ sensitive data protected. Users need to be aware of fraudulent emails and phishing websites that could fool them to hand over their personal and financial information, he added.