A newly discovered botnet has already infected 75,000 computers at more than 2,000 organisations, according to security firm NetWitness.
The "Kneber" botnet spreads the Zeus trojan to takeover computers.
Kneber then gathers login details for everything from financial systems to social networking systems, forwarding such useful data over to "miscreants who can use it to break into accounts, steal corporate and government information, and replicate personal, online and financial identities," NetWitness said.
The firm said it discovered the botnet last month, but it has been up and running for a year. Once it looked into the problem, it uncovered the scale of the infection had hit Facebook, Yahoo, Hotmail, corporate email systems and 2,000 SSL certificate files.
NetWitness chief executive Amit Yoran said: "These large-scale compromises of enterprise networks have reached epidemic levels."
"Conventional malware protection and signature based intrusion detection systems are by definition inadequate for addressing Kneber or most other advanced threats," he added in a statement, echoing reports that just 10 per cent of antivirus systems are spotting this version of the Zeus trojan.
"Systems compromised by this botnet provide the attackers not only user credentials and confidential information, but remote access inside the compromised networks."
NetWitness also noted that half of the computers affected by Kneber were also hit by another botnet, called Waledac. "The coexistence of ZeuS and Waledac suggests the goals of resilience and survivability and potential deeper cross-crew collaboration in the criminal underground," the company said.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomwareNews The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
-
Beating the bad bots: Six ways to identify and block spam trafficIn-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
-
Ukraine's vigilante IT army now has a DDoS bot to automate attacks against RussiaNews The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders
-
Microsoft's secure VBA macro rules already being bypassed by hackersNews Recent analysis of Emotet activity has revealed a shift away from malicious Office documents to drop malware
-
Emotet infrastructure has almost doubled since resurgence was confirmed
News Researchers confirm the infrastructure has also been upgraded for a "better secured", more resilient operation
