Citadel (malware)

Citadel is a piece of massively-distributed malware based upon Zeus.[1] It targets credentials stored in password managers such as Keepass, Password Safe and neXus Personal Security Client.[2]

By 2017 (it was first identified in 2011)[3] Citadel had infected about 11 million computers worldwide and had caused over $500 million in losses.[4]

On March 20, 2017, having been extradited from Norway to the United States, a Russian computer science professional Mark Vartanyan pleaded guilty to a computer fraud charge for his part in developing the Control Panel for Citadel. In July 2017, he was sentenced to 5 years in federal prison.[5]

  1. ^ Segura, Jérôme (5 November 2012). "Citadel: a cyber-criminal's ultimate weapon?". Malwarebytes Labs.
  2. ^ "Cybercriminals Use Citadel to Compromise Password Management and Authentication Solutions". securityintelligence.com. 19 November 2014.
  3. ^ "Citadel Banking Malware Is Evolving and Spreading Rapidly, Researchers Warn". PCWorld.
  4. ^ "Russian sentenced in U.S. to five years prison for 'Citadel' malware". Reuters. 19 July 2017.
  5. ^ "Russian Citizen who Helped Develop the "Citadel" Malware Toolkit is Sentenced". www.justice.gov. 20 July 2017.