| AMSTERDAM/BOSTON, June 6
AMSTERDAM/BOSTON, June 6 Europol said a global
effort led by Microsoft Corp to stop one of the world's
biggest cybercrime rings has succeeded in wiping out the
malicious computer networks that the gang used, known as the
Microsoft's Digital Crimes Unit, with help from authorities
in more than 80 countries, on Wednesday cut off the servers
controlling as many as 5 million infected PCs that belonged to
the Citadel cyber crime operation, which is believed to have
stolen more than $500 million from bank accounts over the past
"Basically the Citadel bug is now clean," Troels Oerting,
head of Europol's European Cybercrime Centre, said on Thursday.
The details are still emerging about the individual roles
that dozens of countries across Europe and Asia played in
bringing down the estimated 1,400 botnets that were part of the
Andy Archibald, interim Deputy Director of Britain's
National Cyber Crime Unit, said on Thursday that his agency had
seized "a number of servers" as part of the effort and was
closely working with the FBI on its investigation into Citadel.
Archibald said forensics experts were examining the servers.
Microsoft said on Wednesday that it had collected forensic
evidence from two U.S.-based Internet hosting providers, under a
federal court order that the company obtained by filing a civil
lawsuit against the unknown operators of Citadel.
An FBI spokeswoman said she could not immediately say
whether the evidence collected had brought investigators any
closer to catching the culprits behind Citadel.
Citadel was used against dozens of financial institutions by
stealing passwords with key logging software. The victims
include American Express, Bank of America,
Citigroup, Credit Suisse, eBay's
PayPal, HSBC , JPMorgan Chase, Royal
Bank of Canada and Wells Fargo, Microsoft said.
Botnets are armies of infected personal computers, or bots,
which run software forcing them to regularly check in with and
obey "command and control" servers operated by hackers. Besides
financial crimes, botnets are also used to send spam, distribute
computer viruses and attack computer networks.
Microsoft said in its court filing that it suspects the
developer of the Citadel software, who goes by the alias
Aquabox, lives in eastern Europe and works with at least 81
"herders," who may be running the bots from anywhere in the
The Citadel software is programmed so it will not attack PCs
or financial institutions in Ukraine or Russia, likely because
the creators operate in those countries and want to avoid
provoking law enforcement officials there, Microsoft said.