Search
Homepage This page's url is: -crn- Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs HPE Zone Intel Partner Connect Digital Newsroom Dell Technologies World Newsroom Dell Technologies Newsroom HP Reinvent 2020 Newsroom IBM Newsroom The IoT Integrator Lenovo Newsroom NetApp Data Fabric Intel Tech Provider Zone

Kneber Botnet Infects 75,000 Corporate, Government Computers

A computer virus, a version of the Zeus botnet called "Kneber," has infected 75,000 systems in 2,500 business and government agencies around the world, according to researchers at Internet security firm NetWitness.

virus

The virus, a version of the Zeus botnet called "Kneber" because of the user name that links the infected systems, gathers login credentials to online financial systems, social networking sites and email systems, NetWitness said Thursday, and "reports the information to miscreants who can use it to break into accounts, steal corporate and government information, and replicate personal, online and financial identities."

NetWitness, based in Herndon, Va., said it discovered the botnet last month during a routine deployment of its monitoring software. It investigated further and discovered "an extensive compromise of commercial and government systems that included 68,000 corporate login credentials, access to email systems, online banking sites, Facebook, Yahoo, Hotmail and other social networking credentials, 2,000 SSL certificate files, and dossier-level data sets on individuals including complete dumps of entire identities from victim machines," the company said in a statement.

NetWitness said the attacks have been going on for about 18 months and appeared to originate in Europe and China. The company has shared its findings with the targeted companies and government agencies.

The company did not publicly identify the companies and government agencies with infected systems. A story in The Wall Street Journal said pharmaceutical maker Merck & Co. and Cardinal Health Inc. were among the companies with infected IT systems and those companies had contained the problem.

"Systems compromised by this botnet provide the attackers with not only user credentials and confidential information, but remote access inside the compromised networks," NetWitness CEO Amit Yoran said in the statement.

"These large-scale compromises of enterprise networks have reached epidemic levels. Cyber criminal elements, like the Kneber crew, quietly and diligently target and compromise thousands of government and commercial organizations across the globe," Yoran said.

Back to Top

related stories

Video

 

sponsored resources