Inside a malware company's trouble-ticket system


Brian Krebs has been through the support forums for the "Citadel" trojan, a piece of commercial malicious software (spun out from the notorious ZeuS trojan) you can buy and use to take over other peoples' computers to make botnets for sending spam or taking down websites with traffic-floods. The fun-loving crooks running Citidel take their customers' satisfaction very seriously, so they've established an efficient trouble-ticket system to help solve any support problems that arise.

The Citadel trojan deactivates itself in the presence of computers running Russian or Ukrainian keyboard layouts. Krebs explains, "This feature is almost certainly a hedge to keep the developers out of trouble: Authorities in those regions are far less likely to pursue the Trojan's creators if there are no local victims."

"We have created for you a special system — call it the social network for our customers. Citadel CRM Store allows you to take part in product development in the following ways:

– Report bug reports and and other errors in software. All tickets are looked at by technical support you will receive a timely response to your questions. No more trying to reach the author via ICQ or Jabber.

-Each client has the right to create an unlimited number of applications within the system. Requests can contain suggestions on a new module or improvements of existing module. Such requests can be public or private.

-Each client has a right to vote on new ideas suggested by other members and offer his/her price for development of the enhancement/module. The decision is made by the developers on whether to go forward with certain enhancement or new module depending on the voting results.

-Each client has the right to comment on any application and talk to any member. Now it is going to be interesting for you to find partners and like-minded people and also to take active parts in discussions with the developers.

'Citadel' Trojan Touts Trouble-Ticket System