Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs Cisco Partner Summit Digital 2020 Lenovo Tech World Newsroom Dell Technologies World Digital Experience 2020 HPE Zone Masergy Zenith Partner Program Newsroom Intel Partner Connect Digital Newsroom Dell Technologies Newsroom Fortinet Secure Network Hub IBM Newsroom Juniper Newsroom The IoT Integrator Lenovo Channel-First NetApp Data Fabric Intel Tech Provider Zone

Kneber Botnet Infects 75,000 Corporate, Government Computers

A computer virus, a version of the Zeus botnet called "Kneber," has infected 75,000 systems in 2,500 business and government agencies around the world, according to researchers at Internet security firm NetWitness.

virus

The virus, a version of the Zeus botnet called "Kneber" because of the user name that links the infected systems, gathers login credentials to online financial systems, social networking sites and email systems, NetWitness said Thursday, and "reports the information to miscreants who can use it to break into accounts, steal corporate and government information, and replicate personal, online and financial identities."

NetWitness, based in Herndon, Va., said it discovered the botnet last month during a routine deployment of its monitoring software. It investigated further and discovered "an extensive compromise of commercial and government systems that included 68,000 corporate login credentials, access to email systems, online banking sites, Facebook, Yahoo, Hotmail and other social networking credentials, 2,000 SSL certificate files, and dossier-level data sets on individuals including complete dumps of entire identities from victim machines," the company said in a statement.

NetWitness said the attacks have been going on for about 18 months and appeared to originate in Europe and China. The company has shared its findings with the targeted companies and government agencies.

The company did not publicly identify the companies and government agencies with infected systems. A story in The Wall Street Journal said pharmaceutical maker Merck & Co. and Cardinal Health Inc. were among the companies with infected IT systems and those companies had contained the problem.

"Systems compromised by this botnet provide the attackers with not only user credentials and confidential information, but remote access inside the compromised networks," NetWitness CEO Amit Yoran said in the statement.

"These large-scale compromises of enterprise networks have reached epidemic levels. Cyber criminal elements, like the Kneber crew, quietly and diligently target and compromise thousands of government and commercial organizations across the globe," Yoran said.

Back to Top

Video

 

trending stories

sponsored resources