The vast majority of infected machines were in the United States, Europe and Hong Kong. Microsoft and the FBI, aided by authorities in more than 80 countries, on June 5 sought to take down 1,400 malicious computer networks known as the Citadel Botnets by severing their access to infected machines. Microsoft's Digital Crimes Unit is working with its partners overseas to determine exactly how many of the Citadel botnets are still operational.
The botnet was run by a bloke known only by the name Aquabox. He has not been arrested but is believed to be in Eastern Europe. The ring targeted firms of all sizes, from tiny credit unions to global banks such as Bank of America, Credit Suisse, HSBC and Royal Bank of Canada.
Citadel is one of the biggest botnets in operation today. Microsoft said its creator bundled the software with pirated versions of the Windows.