Security experts say hackers have had virtually unfettered access to thousands of government and private sector networks for the past 18 months after using a Zeus botnet to steal thousands of user names and passwords. eSecurity Planet details the scope of this massive cyber attack and why security experts are bracing for the worst.
For the past 18 months, hackers based in Europe and China, using a Zeus botnet, managed to infiltrate more than 75,000 computer systems at nearly 2,500 companies and government agencies, stealing log-in information culled from social networking sites in order to break into bank accounts, steal corporate data and replicate personal and financial identities.
According to threat detection and security software maker NetWitness, this newly discovered Kneber botnet—so named for the username associated with the infected systems worldwide—was first identified in January during a routine deployment of the company’s advanced monitoring software.
Investigators soon discovered that hackers using the ZeuS Trojan spyware managed to acquire more than 68,000 log-in credentials, giving them access to a variety of e-mail systems, online banking systems, Facebook, Yahoo and Hotmail accounts as well as dossier-level data sets on individuals including complete dumps of entire identities from compromised computers.
NetWitness officials said the company has already notified many of the companies and organizations affected, warning that this massive cyber attack is still ongoing and that neither NetWitness nor the affected organizations can determine exactly how much data was compromised and what, if anything, the hackers have done with the purloined information.
According to NetWitness, hackers based in Germany began accessing corporate networks in late 2008 by tricking employees into clicking on contaminated links and Web sites using the ZeuS spyware that can be downloaded for free online. The spyware got victims to click on what they thought was an application or attachment used to clean up viruses.