From Dark Reading

Botnet bearing the Zeus Trojan infected 75,000 systems worldwide in 2,500 enterprises, government agencies

Yet another sign that the Zeus Trojan isn't just for stealing consumer online banking credentials anymore: Some 2,500 enterprises and government agencies worldwide have been infiltrated by a botnet spreading the pervasive piece of malware, a security firm revealed today.

The attacks by the so-called Kneber or BTN1 botnet infected around 75,000 systems during a period of a year-and-a-half, and were discovered by researchers at NetWitness, which today issued a report on the botnet. NetWitness found 75 gigabytes worth of stolen data on Jan. 26, which it ultimately traced to the botnet. Among the victims of this botnet, according to a published report in the The Wall Street Journal, are Merck, Cardinal Health, Paramount Pictures, and Juniper Networks.

But unlike the recent attacks on Google, Adobe, and nearly 30 other companies, the Zeus attacks by Kneber were not targeting the victim organizations, nor did they attempt to camp out and infiltrate the organizations for espionage or intellectual property theft purposes. Instead, the victim organizations in the Zeus attack were merely swept up in a wider series of attacks by the Eastern European criminal gang or gangs behind the botnet. This was more of a "smash, grab, and go" type of attack where the criminals infected the machines and siphoned as many credentials as they could without sticking around for too long, according to Alex Cox, the senior consultant and member of the research department at NetWitness who discovered the attacks.    [More....] [Comments...]