Citadel Trojan: It’s Not Just for Banking Fraud Anymore

Citadel Trojan: It’s Not Just for Banking Fraud Anymore:

http://threatpost.com/en_us/blogs/citadel-trojan-it-s-not-just-banking-fraud-anymore-020113

 

Very interesting blog by SurfRight (HitmanPro):
Dorifel, Pobelka and a Chinese connection

Read more at that link.

The last few days it is very much in the news in The Netherlands......

Edited to add:

Answer from the Dutch "National Cyber Security Centrum" on the kind of heavy critics:
In Dutch:
https://www.ncsc.nl/actueel/nieuwsberichten/media-aandacht-voor-pobelka-botnet.html

Blog (in English) from Dutch security company Fox-IT:
Demystifying Pobelka

 

It's rather incredible that both the Dutch police authorities and the NCSC/National Cyber Security Centre, were not interested in a copy of the 750GB of pilfered data from Dutch financial, government, (critical)-industrial, airline, hospital and private networks.
Dutch company Digital Investigation (working together with SurfRight) had investigated the botnet and made a copy from one of the servers before shutting it down.
For some reason the police couldn't read the disk it was sent and couldn't be bothered to ask for another copy. The NCSC wasn't interested at all.
The NCSC only informed some 50 government orgs and some critical infrastructure companies when it was sent the list of over 150.000 infected PC IP addresses, citing it uses an opt-in rule for warnings on nation-wide network-mapping/Intellectual property-stealing malware...

 

Hey Baserk,

Thanks for explaining the situation here to the non-Dutchies!
Yep, it is indeed incredible. (as I started a thread here about a year ago "The Netherlands - what digital country is this" ).

 

^No thanks.
And yeah, exactly. What digital country is this. I mean, the whole shebang was handed over to national authorities on a fu..... silver platter.
Apparantly still not enough.

 

The Dutch "three-letter-agencies" are coming into action, finally
We will see (or not)