Customer First, Blooming in the Underground--The Black Greenhouse called Citadel (2012)

Customer First, Blooming in the Underground--The Black Greenhouse called Citadel (2012)

In 2012, Citadel, a malware based on ZeuS, turned cybercrime on its head. It was not just a Trojan horse, but a "dark product" with a customer management system. Citadel provided users (criminals) with a web-based CRM store, allowing them to report bugs, request new features, and even communicate with developers for support. It was as if it was legitimate software, focused on the relationship with its users, and continued to evolve in the greenhouse of crime.

The price is $2,399 for the basic package and $125 per month. For an additional fee, the software also offered the ability to bypass antivirus, record screens, and steal information from Chrome. In addition, there is a mechanism that automatically stops the program under Russian and Ukrainian language settings, showing the developers' concern for the protection of their own country.

However, the customer-oriented transparency is not enough. The FBI arrested the developer, Mark Vartanian, using his activity history as evidence. Citadel flourished as a "dark SaaS," but its customer management records were the seeds of its downfall.