Terrific software and support ... for criminal botnet builders
Shadowy vendor of botnet construction kits based on Citadel Trojan provides platform with customer service that commercial software companies could learn from
Follow @woodyleonhard
There's a new development platform on the market, and it boasts outstanding developer support.
The platform's all open source. There's a built-in developer message board, with threaded conversations and social networking features. The manufacturer not only responds to bug reports and feature suggestions, it assigns tracking numbers and, in the spirit of open source, accepts solutions both from the company's developers and from customers. The manufacturer puts new features up for a vote, implementing the ones that most developers want. The board's active, the manufacturer's responsive, and the product's reasonably stable and by all accounts quite profitable. There's even a user's manual, release notes, and a license agreement, all in Russian.
Welcome to Citadel. Botnet construction kits done right. SaaS techniques in the underground.
Brian Krebs broke the story on Jan. 23, and as reported by InfoWorld last week, Seculert said it first saw the botnet on Dec. 17, 2011. Since then, 20 Citadel botnets have been identified -- in other words, at least 20 people acquired the Citadel construction package and put it to use -- and they've tracked more than 100,000 infected PCs. Seculert has identified at least five versions of the Citadel package.
You too can buy a copy and join one of the fastest-growing developer cliques on the planet. Total cost is $2,399, plus $125 per month. Citadel is based on the Zeus source code, which was widely distributed in May 2011. Unlike Zeus, when you buy Citadel you get the entire ecosystem along with it, including access to the forums. Think SaaS, where the value-add isn't the software but the infrastructure around it. Per Krebs, the creators boast in their sales literature:
We have created for you a special system -- call it the social network for our customers. Citadel CRM Store allows you to take part in product development in the following ways:
* Report bugs and other errors in software. All tickets are looked at by technical support; you will receive a timely response to your questions. No more trying to reach the author via ICQ or Jabber.
