More than 74,000 PCs at nearly 2,500 organizations around the globe were compromised over the past year and a half in a botnet infestation designed to steal login credentials to bank sites, social networks, and e-mail systems, a security firm said Wednesday.
The systems were infected with the Zeus Trojan and the botnet was dubbed "Kneber" after a username that linked the infected PCs on corporate and government systems, according to NetWitness.
The Wall Street Journal reported that Merck, Cardinal Health, Paramount Pictures, and Juniper Networks were among the targets in the attack. NetWitness speculated that criminals in Eastern Europe using a command-and-control server in Germany sent attachments containing the malware in e-mails or links to the malware on Web sites that employees within the companies clicked on.
NetWitness said it discovered more than 75 gigabytes worth of stolen data during routine analytic tasks as part of an evaluation of a client network on January 26. The cache of stolen data included 68,000 corporate login credentials, access to e-mail systems, online banking sites, Facebook, Yahoo, Hotmail, 2,000 SSL (Secure Sockets Layer) certificate files and data on individuals, NetWitness said in a statement and in a whitepaper available for download from its Web site.
In addition to stealing specific data, Zeus can be used to search for and steal any file on the computer, download and execute programs and allow someone to remotely control the computer.
Read this full article at CNET
Only registered users can write comments.
Please login or register. Powered by AkoComment! |
