Posted by
Associate General Counsel, Microsoft Digital Crimes Unit
Just over two weeks after Microsoft, financial services industry leaders, technology industry partners and the FBI took action against more than 1,400 Citadel botnets, I am pleased to share that at least 2 million computers have been freed from the cybercriminals.
As Reuters reported, we believe this is a very conservative number. Our preliminary data shows that from June 9 to June 15, nearly 1.3 million unique Internet Protocol addresses have checked into our system (known as a sinkhole) from computers infected with Citadel. Currently, we are associating one IP address with one infected computer, but there could be multiple infected computers using one address. For example, preliminary results show that there were more than 1.9 million infected computers when we analyze unique IPs + User-Agents. A user agent is an application that connects to the Internet and includes things like browsers. Over the next few weeks, we’ll dig further into our data to determine exactly how many individual computers are associated with each IP we’ve identified.
...(read more)