Live Scores Soccer 9 .Com

Posts Tagged ‘kneber botnet symantec’

The ZeuS compromise is a huge hacking network that is currently affecting more than 2,400 businesses and government facilities, infecting over 74,000 computers. The ZeuS compromise is available for rent to the highest bidder who wants to take advantage of the full network.

Unfortunately, it seems like the hackers behind the ZeuS compromise aren’t after money, but their goals are to rent their network to rogue governments and gangs who have really evil intentions in cybercrime.

Kneber is botnet which uses the name BTN1, which is given to ZeuS botnets by default. It’s name Kneber comes from the username that links all the infected systems. A botnet is a collection of software bots or robots that infect computers and run anonymously in the background without the user even knowing, so it can be hardly discovered.

Kneber makes use of Waledac, a peer to peer software that takes care to install the Kneber botnet to remote computers and even reinstall it if removed. According to NetWitness, there are over 74,126 computers infected in 24,11 companies all over the world.

Kneber Botnet

The ZeuS compromise has been running for almost an year and it still does make use of its infected computers as I write the article write now. NetWitness reports the first infection date being Match 25, 2009.

The top five countries with infected computers seem to be Egypt, Mexico, Saudi Arabia, Turkey and the United States. Also the infected systems are all built by Microsoft, running an Windows XP Pro SP2, Windows XP Pro SP3, Windows XP Home SP3, Windows Home SP2, and Windows Vista Home SP2. Linux and Mac computers doesn’t seem to be infected by the Kneber botnet, fortunately.

There are some credentials the Kneber botnet steals the most and the top 6 are netlog.com, sonico.com, metroflog.com, hi5.com, yahoo.com, and facebook.com, though it’s able to steal even more. Also the Kneber botnet stolen credentials from over 68,000 computers.