Stealth Botnet Infects Nearly 2 Million Systems

Artwork: Chip Taylor
One of the largest botnets ever to be discovered has infected 1.9 million computers around the world, including corporate and government machines, according to a security firm.

Finjan's Malicious Code Research Center (MCRC) uncovered the huge botnet when researching command and control servers operated by cybercriminals. It is reportedly at least four times larger than botnets that have been discovered in the past, which have tended to include 200,000 to 500,000 computers.

Britain's Police Central e-crime Unit (PCeU) and the FBI are working to hunt down the hackers responsible for the botnet, according to Finjan.

A cyber gang made up of six criminals based in the Ukraine is believed to be responsible for the giant network of remotely controlled PCs.

In the UK alone, more than 500 companies were caught in the network of infected machines, including several PCs inside six UK government bodies. In total, 77 government-owned domains from around the world, at both federal and local government level, were infiltrated.

The malware spreads when victims visit compromised websites. The hackers can then remotely control the malware to execute almost any command on the end-user computer, such as reading emails, copying files, recording keystrokes, sending spam and taking screenshots, Finjan claims.

The security firm said it has contacted affected corporate and government agencies to let them know that they were among the infected computer names.

Yuval Ben-Itzhak, chief technology officer of Finjan, said: "The sophistication of the malware and the staggering amount of infected computers proves that cybergangs are raising the bar."

According to Finjan, 78 percent of infected computers were running Internet Explorer, 15 percent were using the Firefox Web browser and the remainder were using Opera, Safari and other browsers.

Almost half (45%) of the infected computers were in the US. Six percent of the botnet computers were in the UK.
