A serious new botnet formed from over 75,000 computers within over 2500 organisations has been discovered by security experts at NetWitness. It has been reported that the botnet is controlled by the Zeus virus and there are suggestions that millions of pieces of data have already been harvested by the hacking group behind the infection.
The widespread attack is being referred to as the Kneber botnet because this is the pseudonym which is consistent across every infected system around the globe.
The botnet has been used to steal usernames and passwords from thousands of workers, allowing the hackers to access financial infrastructures, email accounts and social networking profiles directly from the infected PCs.
NetWitness Analyst Alex Cox said that he discovered the Kneber botnet in January during a routine security check. The extent of the problem soon became apparent and it is believed that over 68,000 corporate employees have had their identities partially or wholly stolen. This figure does not even factor in the public sector organisations affected by the botnet.
Mr Cox said that it would be unhelpful to think of Zeus as a simple Trojan, as it has clearly been used by hackers in a very sophisticated manner that requires the immediate attention of the data security community.
According to Mr Cox, the Kneber botnet is so dangerous because in most cases the infected businesses and organisations will be unable to even detect its existence on their systems, allowing it to work unhindered.
William Beer, who controls security at PricewaterhouseCoopers, said in an interview with SC Magazine that it would be necessary for enterprises to assess the threat posed by data harvesting botnets of this sophistication and come up with contingency plans to minimise the impact.
Other security experts, including blogger Brian Krebs, said that the presence of a modified Zeus botnet was not particularly startling to those in the know. Mr Krebs pointed out that although the scale of the Kreber botnet was far greater than some of its peers, it was still just a small part of a much larger problem that infects and harvests data, day in day out.
