Microsoft launched an operation against the criminal scheme Citadel

    The Microsoft Digital Crimes Unit, Microsoft's anti-crime unit, has announced an operation against the Citadel botnets and the cybercrime group associated with them. The operation also includes a campaign to clean computers infected with this Trojan. It is codenamed b54 and is being carried out by the company together with the FBI, ISPs and various CERT teams around the world. The goal is to disrupt the coordinated actions of the botnets and of the cybercriminals who profit from them. After receiving the appropriate order, the company carried out an operation to disable more than 1,400 active Citadel botnets, which included the physical seizure of infrastructure servers. Cybercriminals using Citadel are reported to have made more than half a billion dollars, stolen from the accounts of various organizations and individuals with the Citadel Trojan. About 5 million people were affected, and the United States, European countries, Hong Kong, Singapore, India and Australia were particularly vulnerable to the malicious code.

    The malicious code itself is a popular clone of another malicious program, Zeus. MDCU carried out the operation to disrupt the Zeus botnet in March 2012 (operation b71). As in the case of Zeus, this is not a complete elimination of the Trojan's malicious activity, but such measures will significantly reduce both Citadel's activity and the amount of money that can be extracted with it, bringing it down to the lowest possible threshold, which can ultimately make the cybercriminals' business too costly and unprofitable.

    The civil case materials on the takedown of Citadel (including in Russian) are here.
    A note on the MS Technet blog is here.
