•    HOME   
•    NEWS   
•    BUSINESS   
•    INTERNATIONAL   
•    TECH   
•    SPORTS   
•    LIFE & TIMES   
•    OPINION   
•    MY JAKARTA   
•    BLOGS   

New York. A malicious software program has infected more than 75,000 computers at about 2,500 corporations around the world, a computer network security company has found.

The malicious program gathers login credentials to online financial systems, social networking sites and email systems from infested computers and reports the information back to hackers, NetWitness said in a statement.

The operating systems of both residential and corporate computing systems that are infected can thus be controlled via the Internet. Such networks, or botnets, are used by computer criminals for a range of illicit activities, including sending e-mail spam, and stealing digital documents and passwords. Often they install so-called “keystroke loggers” to capture personal information.

NetWitness said it had discovered the program last month while the company was installing monitoring systems. The company dubbed it the “Kneber botnet” based on a username that linked the infected systems. The purpose appears to be to gather login credentials to online financial systems, social networking sites and e-mail systems, and then transmit that information to the system’s controllers, the company said.

The company’s investigation determined the botnet had been able to compromise both commercial and government systems, including 68,000 corporate log-in credentials. It has gained access to e-mail systems, online bank accounts, Facebook, Yahoo, Hotmail and other social network credentials, along with more than 2,000 digital security certificates and a significant cache of personal identity information.

“These large-scale compromises of enterprise networks have reached epidemic levels,” said Amit Yoran, chief executive of NetWitness and former director of the National Cyber Security Division of the US Department of Homeland Security.

“Cyber criminal elements, like the Kneber crew, quietly and diligently target and compromise thousands of government and commercial organizations across the globe. Conventional malware protection and signature-based intrusion detection systems are, by definition, inadequate for addressing Kneber or most other advanced threats.”

The current infection is modest compared to some of the largest known botnets, however. For example, a system known as Conficker, created in 2008, infected as many as 15 million computers at its peak and continues to contaminate more than 7 million systems globally. Currently Shadowserver, an organization that tracks botnet activity, is monitoring 5,900 separate botnets.



NYT, Reuters