Microsoft on Wednesday said it teamed up with the FBI to disrupt armies of hacked computers used to commit more than a half-billion US dollars in financial fraud around the world.
A strike coordinated with police and financial institutions disabled more than a thousand “botnets” used by a global cybercrime operation to steal people’s banking information and identities, according to the software colossus.
Botnets are networks of computers infected with viruses that let them be controlled by hackers.
“Crimes used to happen through stickups, but today criminals use mouse clicks,” said former US Department of Homeland Security cyber official Greg Garcia, a consultant who spoke for financial industry associations. “This action aims to stop the ongoing harm of these Citadel botnets against people and businesses worldwide.”
An investigation launched early last year led Microsoft and its allies to malicious software called Citadel, which monitors keystrokes on infected machines and sends information such as account names and passwords to hackers.
Cybercriminals used stolen passwords to take money from online bank accounts, Microsoft said.
Citadel “malware” has infected millions of computers in more than 90 countries, with the highest numbers of infections found in Europe, Hong Kong, India, Singapore, Australia and the US, Microsoft said.
“The harm done by Citadel shows the threat that botnets, malicious software and piracy pose to individuals and businesses around the world,” Microsoft general counsel Brad Smith said.
Last week, Microsoft filed a lawsuit against the unknown and unnamed cybercriminals in a US District Court in North Carolina and got legal authorization to sever communication between 1,462 Citadel botnets.
On Wednesday, Microsoft and US Marshals seized data and other evidence from botnets, including computer servers at hosting facilities in New Jersey and Pennsylvania, the software company said.
Microsoft and the FBI also shared information with international authorities in the hope they will take action against machines outside the US used to control Citadel botnets.