Home Malware Programs Trojans Password Stealing Zeus Trojan Hacks Over 74000 PCs

Password Stealing Zeus Trojan Hacks Over 74000 PCs

Posted: February 22, 2010

More than 74000 computers and 2500 organizations have been hacked by the notorious Zeus Trojan.

Newsmakers have made huge headlines by dubbing the Zeus Trojan "Kneber", and have falsely claimed it is a new virus, when it is actually just a variant of Zeus.

The cyber attacks, which took place over the past year and a half, were designed to steal login credentials to bank sites, social networks, and e-mail systems. The botnet name Kneber comes from a username on the infected PCs.

Merck, Cardinal Health, Paramount Pictures, and Juniper Networks were all among the targets in the attack. Security firms say criminals in Eastern Europe are using a command-and-control server in Germany to send attachments containing the malware in emails or corrupt websites containing links to the malware.

More than 75 gigabytes worth of stolen data was discovered during routine analytic checks as part of an evaluation of a client network on January 26 by security company NetWitness. The cache of stolen data included 68000 corporate login credentials, access to e-mail systems, online banking sites, Facebook, Yahoo, Hotmail, 2000 SSL (Secure Sockets Layer) certificate files and personal data about various individuals.

The Zeus Trojan can be used to search for and steal any file on the computer, and download and execute programs to allow someone remote control of the computer. More than half of the compromised machines were also infected with peer-to-peer bot malware called Waledac.

About 200 countries were affected, with most of the infections in the United States, Egypt, Mexico, Saudi Arabia and Turkey.

Loading...