Home Malware Strikes Again

PostHeaderIcon Malware Strikes Again

Remember “Conficker”, which may have infected up to 15 million computers world-wide, and is still on the loose? Meet “Kneber”, the name coined by the computer network security firm NetWitness, to a new piece of malicious software that is circulating via “botnet” (networks of zombie computers trained to spread the program to their users' mailing lists, often without their knowledge) all over the world. The publication ComputerWorld (www.computerworld.com) reported February 18 that it had found 74,000 compromised computers in 2,400 different countries world-wide.

Why? To gain access to online banking and credit card accounts, Facebook and other social network credentials, and whatever else – passwords, PIN numbers, etc. - that can be harvested and sent back to the program's handlers.

NetWitness reports that half of the computers found to be infected with Kneber had also been infected earlier by Waledec, a similar piece of botnet malware. Kneber is just one example of a botnet built with the well-known “ZeuS” toolkit. More than half of the Kneber-infected machines were already infected with this malware, which uses peer-to-peer mechanisms to spread its package of infections.

NetWitness found that the Kneber server log contained a wealth of individual's personal passwords to Facebook and Yahoo, as well as financial sites including CitiBank, Wells Fargo, Citizens Bank, HSBC Bank, and even Facebook.

The take-away point: Never, ever, download a .zip or other executable file without knowing exactly want it is, who sent it, and why. The “friend” who sent you that “greeting card” or “IQ test” may have no idea that their computer was hijacked and spewing malware to everyone on their mailing list.

 

Last Updated (Sunday, 18 April 2010 23:05)