It’s been an interesting year for computer security. In March, the Chameleon botnet – a network of computers hijacked to deliver fake advertising to unsuspecting web users – resulted in $6 million in monthly losses for advertisers.
More recently, the Citadel botnet – a giant botnet made up of over 1,400 networks, each containing tens of thousands of hijacked PCs – was responsible for removing over $500 million in consumer savings from tens of thousands of bank accounts.
The botnet, which infected target computers using downloadable software, used a simple key logger application to record the keystrokes of PC users. The application transferred data back to hackers, who used it to make secret bank transfers.
Computer security experts believe that the application was distributed in pirated copies of Microsoft’s Windows operating system. Cracked copies of Windows are widely available online on file sharing websites, often with no virus protection.
Microsoft, working alongside the FBI and numerous European police divisions, has shut down large amounts of the network. As of right now, around 1,000 of the 1,400 independent networks believed to be managing the virus have been terminated.
The company is working closely with police forces to shut down the remaining virus hotspots. Microsoft is also working to provide a solution to users that have PCs with the virus installed by offering software updates that remove the virus automatically.
The virus was responsible for over $500 million in lost savings, most of which was removed from bank accounts using Internet banking account data. The creators of the virus are believed to be located in Eastern Europe, based on tracking data.
The Citadel botnet was one of the largest in recent history and has sparked a new interest in computer security. As the malicious application directly targeted bank customers, it’s also sparked a debate about the safety of online banking.