Kneber Botnet Puts Conficker to Shame
There's a new botnet in town.
Security firm NetWitness reports that a new form of malware has infected more than 74,000 computers across the globe. Dubbed Kneber, this ZeuS Trojan botnet focuses on stealing user login credentials for banking sites, email accounts, social networks, and more. NetWitness said that the Kneber botnet is difficult to detect and has already compromised data from nearly 2500 government and corporate global networks.
"NetWitness first discovered the Kneber botnet in January during a routine deployment of the NetWitness advanced monitoring solutions," the security firm said. "Deeper investigation revealed an extensive compromise of commercial and government systems that included 68,000 corporate login credentials, access to email systems, online banking sites, Facebook, Yahoo, Hotmail and other social networking credentials, 2,000 SSL certificate files, and dossier-level data sets on individuals including complete dumps of entire identities from victim machines."
Although the Kneber botnet spans 196 countries, the Kneber-controlled machines mostly reside within the United States, Egypt, Mexico, Saudi Arabia, and Turkey. Naturally the malware only targets Windows-based PCs, with the majority of the botnet residing on computers running Windows XP SP2. NetWitness said that Kneber was primarily found on corporate and government computers; however, home users are likely to attract the infestation as well.
"Over half the machines infected with Kneber also were infected with Waledac, a peer to peer botnet," the firm said. "The coexistence of ZeuS and Waledac suggests the goals of resilience and survivability and potential deeper cross-crew collaboration in the criminal underground."
While NetWitness didn't offer any suggestions, consumers should keep their antivirus definitions up to date and avoid opening suspicious email attachments.
I can't even remember the last time I GOT an email with an attachment.
Seriously, are people (mainly gov't/businesses) this stupid? I haven't gotten a virus or any other cr@p like that (except for the SecuROM root kit which got installed with Spore, which was my sister's fault). Keep your stuff up to date and don't be stupid and click on "free xxx.jpg.exe" files, links, etc.
Oh noes! Teh grammas! der computers are bein haxed!!! Not the tax records!!1! Matlock!!!1!
Seriously... it's sad. The primary targets of these cyber attacks rarely fall victim. It's always the elderly and the tadpoles, er, kids that end up downloading viruses.
Why can't they just find something productive to do?
Hey Parrish...you should add to this article a note about scareware. People see headlines like yours, read the article, then start looking up ways to detect if they have it--this leads them to websites that have hijacked the search results so that people aren't finding actual fixes, but ways to (further) infect their machines.
See this entry from Symantec: http://www.symantec.com/connect/blogs/kneber-zeus
I guess government network doesn't mean government level protection
Solutions: Debian and all of its flavors, Fedora.
Makes me wonder if having a PC at every desk is really all that wise. Maybe in the future, forcing millions of people who will never "get" computers to use them will be seen as a reckless experiment. I'm no guru, but I had to show someone how to use a mouse when the company switched to a computer (instead of paper) system. I'm not kidding, they didn't know how to use a mouse. How are they going to survive a virus/phishing scam?
I can't even remember the last time I GOT an email with an attachment.
^ +1000
I actually never remembered when I was last infected with viruses. And virus-ridden mail.
I guess government network doesn't mean government level protection
It's just a level of protection I expect from the British government. They already lost personal data of a few million people on CDs, laptops, memory sticks and hell knows what else.
My 3yr old daughter can take care of any toy taken to the nursery and always brings it back. If some highly paid moron manages to lose his laptop with confidential data, he should go back to pre-school education.
User stupidity at its best, isn't it beautiful?
^ +1000 I actually never remembered when I was last infected with viruses. And virus-ridden mail.
I can remember it, there was no email back then and it came on a diskette with an illegal copy of wolfenstein 3d. But I was already too l33t to get one from my 33.6kbps connection...
Ok people, just because it's a government network doesn't mean they have everyone on that network as super IT geeky intelligence.
Most of the people are regular secretaries that know how to push button "A" to get "B" result, and data crunch all day long. When a prompt comes up, most are annoyed and will madly push the cancel button to make it go away, cause they need that button "A" to continue their work. That cancel button is usually a picture and not a real prompt that then installs those pesky spyware/viruses.
Now the government IT guys can only put so many protections in place, but they can not protect against naive workers that slave through the day, then decide to load up that new virus/malware/spyware disguised as a funny joke that is passing through the office.
@Shadow703793 please don't bash people immediately just because 40-60 year old workers, who did not grow up on computers, strain the patience of government IT network guys every day
Just a little common sense goes a LONG way with computers... sadly, that's the problem.