The Register is reporting that a variant of the Zeus botnet has penetrated manyFortune 500 firms in the financial industry during an ongoing 18 month attack that continues to steal online banking credentials and other sensitive data.
Almost 2,500 firms breached in ongoing hack attack
The infections by a variant of the Zeus botnet began in late 2008 and have turned more than 74,000 PCs into remote spying platforms that have siphoned highly proprietary information out of at least 10 federal agencies and thousands of companies, according to research from NetWitness, a Herndon, Virginia-based network forensics firm.
Many of the victims are Fortune 500 firms in the financial, energy, and high technology industries. Company researchers have already reported the attacks to federal authorities and are in the process of notifying individual victims.
“The botnet is still active and still actively being managed by the organized criminal activity behind it,” NetWitness CTO Tim Belcher told The Register. “Over the last month, we’ve seen it re-task its (victim) members half a dozen times looking for different types of information.”
