Microsoft works with FBI to take down 1400 Citadel botnets

On TechNet today, Richard Boscovich, Assistant General Counsel of Microsoft's Digital Crimes Unit, detailed the company's role in taking down more than a thousand Citadel botnets. Citadel is banking malware: infected machines harvest online banking credentials and other personal data and report them back to the botnet operators. The work was done in conjunction with the FBI, members of the financial industry, and "other technology industry partners."

According to Boscovich, the Digital Crimes Unit's part was one component of a larger effort, called Operation b54, against the Citadel botnets, which are estimated to have caused more than half a billion dollars in financial losses to companies and individuals. This is the seventh botnet operation Microsoft has taken part in.

This operation was unique, however, because it marks the first time a private company and law enforcement have joined forces to execute a civil seizure warrant against botnets. The warrant was issued by the U.S. District Court for the Western District of North Carolina. The aim is both to stop the ongoing harm the botnets are causing and to improve security for the affected users.

Microsoft has also gained intelligence from the operation that helps combat the problem, which it will share with ISPs and CERTs so that infected users can be notified and helped to clean their machines; a takedown alone disrupts the operators but does not remove the malware from victims' computers. The company plans to distribute this information through its Cyber Threat Intelligence Program, more commonly known as C-TIP. It has also dedicated a Support page to botnets to help individual consumers clean up their computers.

While the operation neutralized more than 1400 botnets, Microsoft acknowledges that it has not taken them all out, and does not expect to. Rather, it sees the operation as a means to "significantly disrupt" the Citadel operations as a whole and to raise the cost for those behind the attacks. The company also points to it as a model for future cooperation between private companies and law enforcement.

SOURCE: TechNet