A New Trojan Horse Attacks the Military and the Banks
NetWitness is probably a name you haven’t heard of, but the company is a major in corporate computer security – antivirus for the big boys, if you will. And in February, NetWitness called the alarm on a major Trojan horse attack on government and corporate computers. The attack has gained a lot of notoriety, and they call it the Zeus botnet.
On the NetWitness website, the company’s press release declares that there were 2500 corporations and government offices hit around the world. And they were not just hit by hackers passing the time for their schoolboy hijinks.
This was an attack that stole large caches of corporate secrets (from companies like the pharmaceutical major Merck), and financial information like credit card numbers. Whoever did it, did it for money.
This particular attack is still on the rampage, and it hasn’t been contained just yet. But this hasn’t been an isolated incident either.
For the past year and a half, a ring of cyber criminals in Germany has been using psychological tactics to get employees in major companies and US government agencies to click on tainted e-mail, or to go to tainted websites, in order that they might expose their computers to Trojan horse attacks or virus attacks that could get access to important information.
Once they had the information, it would have been worth a lot of money to the criminals. Military computer networks were infiltrated in the attack too.
All of these computers were fully protected by at least standard-issue antivirus software, and those proved to be completely ineffective against the attacks.
If you have an Internet connection, whether at home or at the office, you could consider yourself targeted. So how did it happen this time?
The Zeus Trojan horse is available for free on the Internet for any mischief monger to use as he sees fit. If enough people carelessly allow the Trojan horse on their computers, the botnet program that lies within, links all the infected computers around the world together over the Internet, and operates them in concert. A botnet, if successful, can actually get together millions of computers to operate this way.
Experts estimate that there are about 6000 botnets in operation right now. The botnet they’re dealing with this time, is called the Kneber botnet, And it has managed to steal more than 50,000 usernames and passwords for all kinds of websites. Sign-in information from banks and social networking seems to be what they were after.
But perhaps it is a bit simplistic to assign a simple motive to an attack as sophisticated as this – to say that they were just after money. The botnet is so sophisticated; it unleashes other botnets, so that no one really knows when any particular one started operating.
This is a botnet that mutates. It is difficult to tell where we go from here. As always, the best defence against attacks by viruses, botnets and Trojan horse devices, is a level of reasonable alertness, and good protection software.