Security researchers with NetWitness Corp. have discovered a massive botnet which includes at least 75,000 infected computers at 2,500 companies and government agencies throughout the world. The Kneber botnet has been used by cyber criminals to acquire login credentials for email systems, financial and social networking sites.
The Kneber botnet is named after the username that has linked the infected computers into a botnet. The data uncovered by NetWitness included login credentials for the social networking site Facebook, email providers Yahoo and Hotmail and corporate level credentials. It also included SSL certificate files and “dossier-level” identity information.
In addition to the stolen credentials, the victims’ computers are also assembled into a botnet which can be used by the attacker to remotely access the compromised network.
“Disturbingly, the data was only a one-month snapshot of data from a campaign that has been in operation for more than a year,” NetWitness said in a statement.