- Citadel promises a high level of customer service. A focal point of
Citadel’s customer support is a portal called Citadel CRM (customer
relationship management), where customers can propose new capabilities to be
implemented.
Description
Authors of this malware have been aggressive in adding new features and fixing
bugs in follow-on releases. Most recently, Citadel version 1.3.4.5 “Summer
Edition” became available; it continues to add features that further
differentiate Citadel from its Zeus origins.[1]
Citadel is an offspring of the popular Zeus crime kit whose
main goal is to steal banking credentials by capturing keystrokes and taking
screenshots/videos of victims’ computers. Citadel quickly became a popular
choice for criminals.
In order to get into business the bad guys need a server
that is hosted at a company that will turn a blind eye to their activities and
also guarantee them some anonymity. Those hosting firms are for the most part
located in countries like China or Russia. They can operate in their own
jurisdiction so long as they do not commit crimes against their own people. In
such cases not a whole lot can happen to the criminals. To cover their tracks,
the bad guys use proxy or VPN services that disguise their own IP address.[2]
Once set up with a server, the criminals can install what will be the mastermind
program, which will create and organize an entire array of infected computers
anywhere.
The latest version of
Citadel, whose code name is Rain Edition, is priced at $3,931 but it includes a
lot of valuable features. The makers of Citadel are trying to keep a low enough
profile to avoid gathering too much attention, which could result in efforts to
interfere (as we have seen with Zeus). Getting one's hands on Citadel is
difficult because of a stricter validation process of trusted criminals within
the Russian underground.
Executive Guidance
A crimekit as technically advanced as Citadel places the task of blocking it
into a highly professional context. The methods Citadel uses to steal personal
information are so advanced that even the most cautious user may be fooled. It
is best to avoid infection in the first place by using malware protection
software that can cope with the complexity of Citadel. The primary defensive
measures are using a combination of safe online practices or resorting to a
consultant for recommendations.
For comments please e-mail paul@strassmann.com