View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Data Centre
February 18, 2010

New virus targets corporate networks, credentials

Affects 75,000 systems in 2,500 organisations

By CBR Staff Writer

Internet security firm NetWitness has discovered a new type of computer virus that has affected 75,000 systems in 2,500 organisations around the world.

According to the security firm, the newly-discovered virus, known as ‘Kneber botnet’ gathers login credentials to online financial systems, social networking sites and email systems from infested computers and reports the information to miscreants who can use it to break into accounts, steal corporate and government information, and replicate personal, online and financial identities.

The security firm said that it has first discovered the virus in January during its routine deployment of the monitoring solutions.

NetWitness said that the further investigation of the virus revealed that various commercial and government systems were compromised, including 68,000 corporate login credentials, access to email systems, online banking sites, Facebook, Yahoo, Hotmail and other social networking credentials, 2,000 SSL certificate files, and dossier-level data sets on individuals including complete dumps of entire identities from victim machines.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Over half the machines infected with Kneber also were infected with Waledac, a peer to peer botnet, suggesting the goals of resilience and survivability and potential deeper cross-crew collaboration in the criminal underground, the firm said.

Amit Yoran, CEO of NetWitness and former director of the National Cyber Security Division, said, Conventional malware protection and signature based intrusion detection systems are by definition inadequate for addressing Kneber or most other advanced threats.

“Organisations which focus on compliance as the objective of their information security programs and have not kept pace with the rapid advances of the threat environment will not see this Trojan until the damage already has occurred.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.