Europol said a global effort led by Microsoft Corp to stop one of the world’s biggest cybercrime rings has succeeded in wiping out the malicious computer networks that the gang used, known as the Citadel Botnets.
Microsoft’s Digital Crimes Unit, with help from authorities in more than 80 countries, on Wednesday cut off the servers controlling as many as 5 million infected PCs that belonged to the cybercrime operation, which is believed to have stolen more than US$500 million from bank accounts over the past 18 months.
“Basically the Citadel bug is now clean,” Troels Oerting, head of Europol’s European Cybercrime Centre, said on Thursday.
The details are still emerging about the individual roles that dozens of countries across Europe and Asia played in bringing down the estimated 1,400 botnets that were part of the Citadel operation.
Andy Archibald, interim Deputy Director of Britain’s National Cyber Crime Unit, said on Thursday that his agency had seized “a number of servers” as part of the effort and was closely working with the FBI on its investigation into Citadel.
Archibald said forensics experts were examining the servers.
Microsoft said on Wednesday that it had collected forensic evidence from two US-based Internet hosting providers, under a federal court order that the company obtained by filing a civil lawsuit against the unknown operators of Citadel.
Citadel was used against dozens of financial institutions by stealing passwords with key logging software. The victims include American Express, Bank of America, Citigroup, Credit Suisse, EBay’s PayPal, HSBC, JPMorgan Chase, Royal Bank of Canada and Wells Fargo, Microsoft said.
Botnets are armies of infected PCs, or bots, which run software forcing them to regularly check in with and obey “command and control” servers operated by hackers.
Besides financial crimes, botnets are also used to send spam, distribute computer viruses and attack computer networks.
Microsoft said in its court filing that it suspects the developer of the Citadel software, who goes by the alias Aquabox, lives in eastern Europe and works with at least 81 “herders,” who may be running the bots from anywhere in the world.
The Citadel software is programed so it will not attack PCs or financial institutions in Ukraine or Russia, likely because the creators operate in those countries and want to avoid provoking law enforcement officials there, Microsoft said.
Australians were downloading virtual private networks (VPNs) in droves, while one of the world’s largest porn distributors said it was blocking users from its platforms as the country yesterday rolled out sweeping online age restriction. Australia in December became the first country to impose a nationwide ban on teenagers using social media. A separate law now requires artificial intelligence (AI)-powered chatbot services to keep certain content — including pornography, extreme violence and self-harm and eating disorder material — from minors or face fines of up to A$49.5 million (US$34.6 million). The country also joined Britain, France and dozens of US states requiring
Hungarian authorities temporarily detained seven Ukrainian citizens and seized two armored cars carrying tens of millions of euros in cash across Hungary on suspicion of money laundering, officials said on Friday. The Ukrainians were released on Friday, following their detention on Thursday, but Hungarian officials held onto the cash, prompting Ukraine to accuse Hungary’s Russia-friendly government of illegally seizing the money. “We will not tolerate this state banditism,” Ukrainian Minister of Foreign Affairs Andrii Sybiha said. The seven detained Ukrainians were employees of the Ukrainian state-owned Oschadbank, who were traveling in the two armored cars that were carrying the money between Austria and
Kosovar President Vjosa Osmani on Friday after dissolving the Kosovar parliament said a snap election should be held as soon as possible to avoid another prolonged political crisis in the Balkan country at a time of global turmoil. Osmani said it is important for Kosovo to wrap up the upcoming election process and form functional institutions for political stability as the war rages in the Middle East. “Precisely because the geopolitical situation is that complex, it is important to finish this electoral process which is coming up,” she said. “It is very hard now to imagine what will happen next.” Kosovo, which declared
MORE BANS: Australia last year required sites to remove accounts held by under-16s, with a few countries pushing for similar action at an EU level and India considering its own ban Indonesia on Friday said it would ban social media access for children under 16, citing threats from online pornography, cyberbullying, online fraud and Internet addiction. “Accounts belonging to children under 16 on high-risk platforms will start to be deactivated, beginning with YouTube, TikTok, Facebook, Instagram, Threads, X, Bigo Live and Roblox,” Indonesian Minister of Communications and Digital Meutya Hafid said. “The government is stepping in so that parents no longer have to fight alone against the giants of the algorithm. Implementation will begin on March 28, 2026,” she said. The social media ban would be introduced in stages “until all platforms fulfill their
RSS