Massive cyber attack affects 75,000 computer systems across the world
According to the Washington Post, more than 75,000 computer systems at over 2,500 companies across the world have been hacked in possibly the largest and extremely sophisticated cross-border cyber attack. The perpetrators appear to be non-state entities operating out of Eastern Europe.
They lured employees of targeted companies to open attachments containing malware or malicious software ("bots") which track down login and password information stored on those systems. Experts believe that such login credentials -- which include online banking user information -- are valuable to such hackers.
The attack mostly affected businesses in the United States, Egypt, Mexico, Turkey and Saudi Arabia. Wall Street Journal named Merck and Cardinal Health among the companies affected.
According to the Post:
The intrusion, first reported on the Wall Street Journal's Web site, was detected Jan. 26 by NetWitness engineer Alex Cox. He discovered the intrusion, dubbed the Kneber bot, being run by a ring based in Eastern Europe operating through at least 20 command and control servers worldwide.
ad_iconThe hackers lured unsuspecting employees at targeted firms to download infected software from sites controlled by the hackers, or baited them into opening e-mails containing the infected attachments, Yoran said. The malicious software, or 'bots,' enabled the attackers to commandeer users' computers, scrape them for log-in credentials and passwords -- including to online banking and social networking sites -- and then exploit that data to hack into the systems of other users, Yoran said. The number of penetrated systems grew exponentially, he said.
'Because they're using multiple bots and very sophisticated command and control methods, once they're in the system, even if you whack the command and control servers, it's difficult to rid them of the ability to control the users' computers,' Yoran said.
The malware had the ability to target any information the attackers wanted, including file-sharing sites for sensitive corporate documents, according to NetWitness.
"More than 75,000 computer systems hacked in one of largest cyber attacks, security firm says," The Washington Post (February 18, 2010).
