Citadel Trojan
Threat Scorecard
Ranking: 3,135
Threat Level: 20% (Normal)
Infected Computers: 52,416
First Seen: January 27, 2012
Last Seen: May 28, 2023
OS(es) Affected: Windows

The Citadel Trojan – A Version of the Infamous ZeuS Trojan
The Citadel Trojan first started making its rounds in early 2012 and gave the impression of having the same abilities as the infamous ZeuS Trojan. The ZeuS Trojan is one of the most notorious Trojan infections of the last decade. It has been known to steal banking information such as account numbers and passwords, and it has been linked to some of the most important botnets in recent years. Because of this, any sign of the Citadel Trojan on your computer system should be cause for concern. Apart from treating the Citadel Trojan infection, ESG security analysts strongly recommend ensuring that your online bank accounts have not been compromised.
The Malware Makers Behind the Citadel Trojan Focus on Customer Service
It may sound strange, but support and customer service are also an important part of the hacking community. Criminals do not create malware like the Citadel Trojan in a vacuum. They can actually earn quite a lot of money by selling their malware creations to other criminals, who can then use botnets and phishing scams to attempt to steal people's banking credentials. After scouring forums and seedy websites linked to criminal activity, ESG malware analysts suspect that the Citadel Trojan was created as a 'customer service' oriented version of the ZeuS Trojan! One particularly clever aspect of the Citadel Trojan is that it is designed not to attack computers with a keyboard in Cyrillic characters (thus ensuring that the Russian or Ukrainian authorities will not see the Citadel Trojan as a local threat).
The Citadel Trojan May Be the ZeuS Trojan’s First Direct Descendant
Since 2011, when the source code for the ZeuS Trojan was released and made publicly available, ESG security researchers have been concerned that various copycat infections might spring up, improving on the original and making this malware threat even more difficult to remove. The Citadel Trojan may be this dreaded descendant of the infamous banking Trojan. The creators of the Citadel Trojan advertise it as containing various improvements and bug fixes, as well as being able to attack various web browsers more effectively than before. The Citadel Trojan also contains a component that is able to record its victim's activity and then send a video of the victim's screen to a remote server, where the video can then be viewed.