Currently one of the largest malicious computer networks is called the Citadel botnet system. Microsoft has enlisted the aid of their digital crime unit to work vigorously on this problem. An estimation of over 1400 of these Citadel botnets was in existence but Microsoft announced this week it has taken down nearly 1000 of them. Unfortunately, the ringleaders of these networks have evaded arrest at the time of this writing.
As long as there have been computers there have been criminals to exploit them for illegal personal gain. With every advance in computer software and hardware, criminals have become more sophisticated in their means to bend computer software and hardware to fit their will. Microsoft, the FBI, and other world authorities are fighting back to protect computer systems worldwide.
Cybercrime used to be limited to individuals hacking into secure systems to obtain information, access codes, or other sensitive data. The data could be used to steal money, infect main servers with viruses, or expand identity theft operations. Individuals that left electronic trails of their crimes could be tracked down and eliminated from the world’s computer networks.
Cybercrime has become an organized with crime rings reaching all corners of the Earth. By using botnets, or network connected programs that are able to communicate with other programs to complete tasks, groups of organized criminals can work together making detection more difficult.
Microsoft has been working closely with the FBI. In turn the FBI has been working with Europol and other agencies across the globe to stop the siege of computer crime. As with any organized crime network, authorities must start at the bottom of the supply chain hoping to work up to the creators and bot distributors.
Microsoft filed a civil suit against the unknown hackers and distributors in the US district court in Charlotte, North Carolina, USA. Microsoft’s research has uncovered the distribution of bots found in pirated Windows Operating System software. These pirated versions with bots included were used to control PCs in the US, Australia, Hong Kong, India and across Western Europe.
Since the identity of the ringleader is yet unknown, the alias Aquabox has been used as the description. It is believed that Aquabox lives in Eastern Europe and has almost 100 network herders running the bot systems over most of the world. The exception is the Ukraine or Russia as the bots are programmed not to attack PCs or financial institutions there. Hopefully, this piece of evidence will aid in the capture of the cyber criminals.
The American Bankers Association (ABA) and other major financial groups are working closely with the investigation to attempt to curb losses for their clients and customers. Many of these financial institutions reimburse individual losses to cybercrime; however, many business owners must absorb these losses. With other economic factors still being uncertain, many business owners’ losses have been another setback to recovery.
Of the nearly 1000 botnets that were recently shut down, 455 were hosted in the United States. They had infected over 40 data centers often without the knowledge of the data center owners. The remaining sites were located in many other countries across the globe.
The continuing efforts of Microsoft forensic technicians, FBI, and law enforcement in countries including Brazil, Germany, Iceland, India, Indonesia, the UK and others will labor tirelessly until these cybercriminals have been apprehended and the illegal botnets destroyed.