Back in June, we reported on the FBI and Microsoft working together to shoot the Citadel financial malware. More than a month later, it seems that the partnership has more than paid. Microsoft has reported that nearly 88 percent of botnets that have been running the Citadel malware when the partnership was announced today have been disrupted, thanks to the collaboration of the company with the FBI and other partners technology and financial services. It is also estimated that about 40 percent of the Citadel-infected computers that were part of these botnets have been cleaned of the infection, although Microsoft has not been very forthcoming with details on exactly how this was achieved .
Richard Domingues Boscovich, assistant general counsel for Microsoft Digital Crimes Unit, published a blog post in late June stating that Microsoft had identified about 1.3 million unique IP addresses that have been connected to a system of "abyss" that the company has implemented to replace the "command" servers used by hackers Citadel.
After analyzing the IP addresses and user information sent by the computer when connected to the sinkhole servers, Microsoft estimates that nearly 1.9 million computers were part of targeted botnets. The number may have been even higher since many computers can connect through a single IP address. The company then began working with researchers and anti-malware organizations such as the Shadowserver Foundation to let victims know malware and work to remove it.
Although the partnership may seem to date, some positive security researchers have raised concerns about how companies chose to shoot down botnets. Researcher security abuse.ch botnet tracking service has criticized Microsoft for sending configuration files for computers that have been infected by the malware, noting it comes down to change settings without the owner's consent and is a potential violation of local law.
Although the FBI and Microsoft are down strongly enough on the Citadel malware, there are still many dangerous technology there. A VPN service is an easy way to boost the defenses of your computer :. VPN adds an extra layer of protection to your computer to keep your secure connection and your private personal data
0 Komentar