In an official blog post, Microsoft has revealed its participation in a collaborative action with the FBI, financial services industry, and other technology industry partners, a major blow to the Citadel malware botnet took place. Codenamed Operation b54, this collaborative action marks Microsoft’s seventh botnet takedown.
“This collaborative action – codenamed Operation b54 – is Microsoft’s seventh botnet operation to date and part of a growing proactive effort by both the public and private sector to fight cybercrime, help protect people and businesses from online fraud and identity theft, and enhance cloud security for everyone. This operation marks the first time that law enforcement and the private sector have worked together in this way to execute a civil seizure warrant as part of a botnet disruption operation,” Microsoft stated in an official blog post.
Microsoft cites this takedown as the company’s “most aggressive botnet operation to date” and was able to disrupt more than 1,400 Citadel botnets responsible for over half a billion dollars in losses to victims across the globe. Microsoft never expected to fully take down the botnet, but this operating has resulted in a significant disruption.
Microsoft was able to learn a few things from this operation, including Citadel blocking victims’ access to antivirus/antimalware sites making it unable for the victims to remove the threat. Microsoft also learned that these criminals were using pirated Windows XP operating systems to develop their malware and grow their business, as Microsoft puts it, “demonstrating another link between software piracy and global cybersecurity threats.”
Hit the source to read the official press release about the botnet operation.Further reading: Microsoft, Security