A newly discovered botnet has already infected 75,000 computers at more than 2,000 organisations, according to security firm NetWitness.
The "Kneber" botnet spreads the Zeus trojan to takeover computers.
Kneber then gathers login details for everything from financial systems to social networking systems, forwarding such useful data over to "miscreants who can use it to break into accounts, steal corporate and government information, and replicate personal, online and financial identities," NetWitness said.
The firm said it discovered the botnet last month, but it has been up and running for a year. Once it looked into the problem, it uncovered the scale of the infection had hit Facebook, Yahoo, Hotmail, corporate email systems and 2,000 SSL certificate files.
NetWitness chief executive Amit Yoran said: "These large-scale compromises of enterprise networks have reached epidemic levels."
"Conventional malware protection and signature based intrusion detection systems are by definition inadequate for addressing Kneber or most other advanced threats," he added in a statement, echoing reports that just 10 per cent of antivirus systems are spotting this version of the Zeus trojan.
"Systems compromised by this botnet provide the attackers not only user credentials and confidential information, but remote access inside the compromised networks."
NetWitness also noted that half of the computers affected by Kneber were also hit by another botnet, called Waledac. "The coexistence of ZeuS and Waledac suggests the goals of resilience and survivability and potential deeper cross-crew collaboration in the criminal underground," the company said.
-
AWS targets IT modernization gains with new agentic AI features in TransformNews New custom agents aim to speed up legacy code modernization and mainframe overhauls
-
HSBC partners with Mistral to fuel bank-wide generative AI adoptionNews The multi-year, strategic partnership will focus on transforming a range of services and tasks from customer-facing to fraud detection and more
-
Europol hails triple takedown with Rhadamanthys, VenomRAT, and Elysium sting operationsNews The Rhadamanthys infostealer operation is one of the latest victims of Europol's Operation Endgame, with more than a thousand servers taken down
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomwareNews The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
-
Beating the bad bots: Six ways to identify and block spam trafficIn-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
-
Ukraine's vigilante IT army now has a DDoS bot to automate attacks against RussiaNews The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders
-
Microsoft's secure VBA macro rules already being bypassed by hackersNews Recent analysis of Emotet activity has revealed a shift away from malicious Office documents to drop malware
