Kneber Botnet Discovered By Researchers
By Naiwrita, Gaea News NetworkThursday, February 18, 2010
HERNDON, VIRGINIA (GaeaTimes.com)- The security researchers at NetWitness Corp, based in Herndon in Virginia, have discovered a botnet. According to the researchers, the particular botnet has affected 75,000 computers operating in about 2500 companies all over the world, in the least. The researchers at the NetWitness Corp have named the botnet the Kneber botnet. The nomenclature has been done based on the common username that links all the affected machines all over the world. The botnet was being used by the criminals to gather information from the online networking sites, e-mail systems and the online financial systems.
Researchers dealing with the Kneber botnet have accumulated about 75GB of data that had been stolen by the botnet. They included login information for Facebook user accounts, Hotmail accounts and Yahoo accounts. Along with that, the botnet had also stolen data regarding the corporate login credentials and about 200 certificate files of the SSL. Most importantly, and possibly the one creating the maximum amount of consternation was the fact that the botnet also stole some dossier level data.
The researchers have claimed that the Kneber botnet has been engaged in these illegal operations for the past 18 months or so. Some of the most prominent companies that came under the attack of the Kneber botnet are reportedly Paramount Pictures, Merck, Juniper Networks and Cardinal Health. It has been guessed by the researchers at NetWitness Corp that the Kneber botnet is being sent by the criminals in the form of attachments in spam mails, or are pasted as links in sites that the officials in these companies are most likely to visit.