backtop


Print 17 comment(s) - last by Lerianis.. on Feb 20 at 12:06 AM

Botnet is used to steal login credentials and much more

The number of criminal groups that operate online attempting to steal information and money from unsuspecting consumers, businesses, and governments is staggering. As the hacker groups find ways to infect computers the data of millions of people across the world is at risk.

Internet security firm NetWitness has issued a press release stating that it has discovered a new ZeuS botnet dubbed the Kneber botnet. The botnet is believed to be infecting as many as 75,000 computers in 2,500 organizations around the world. The botnet infects computers and then steals logon credentials to online financial institutions, social networking logins, and email logins.

NetWitness reports that it first discovered the Kneber botnet in January during a routine deployment of its NetWitness advanced monitoring solution. Investigation showed that the number of compromised computer systems in both the government and commercial institutions was staggering. Data ranging from logins to complete dumps of identities from victim machines was being harvested.

NetWitness CEO Amit Yoran said, "While Operation Aurora shed light on advanced threats from sponsored adversaries, the number of compromised companies and organizations pales in comparison to this single botnet. These large-scale compromises of enterprise networks have reached epidemic levels. Cyber criminal elements, like the Kneber crew quietly and diligently target and compromise thousands of government and commercial organizations across the globe.

Conventional malware protection and signature based intrusion detection systems are by definition inadequate for addressing Kneber or most other advanced threats. Organizations which focus on compliance as the objective of their information security programs and have not kept pace with the rapid advances of the threat environment will not see this Trojan until the damage already has occurred. Systems compromised by this botnet provide the attackers not only user credentials and confidential information, but remote access inside the compromised networks."

NetWitness points out that while many analysts are classifying ZeuS as a trojan that steals online banking information, a more diverse mission for the botnet needs to be considered. More than half the systems infected with Kneber were also infected with a peer to per botnet called Waledac suggesting a high level of cooperation between cyber criminal groups.

The Washington Post reports that Yoran said the attacks don't appear to be related to the attack that took place against Google. The attack against Google last year resulted in the loss of corporate IP and led to a blow up between Google and the Chinese government. Google threatened to leave the Chinese search market due to repeated attacks.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Small Fry.
By JediJeb on 2/18/2010 2:27:34 PM , Rating: 2
Depends on which 75,000 computers are infected. If they are all inside the largest banks and government offices I would say such a small number could affect a very large number of people worldwide.


"A lot of people pay zero for the cellphone ... That's what it's worth." -- Apple Chief Operating Officer Timothy Cook














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki