Move Over Confickr, Kneber is Here!

Remember the Confickr worm, the worm that was to take over the cyber world last April? Well, a new threat is here. (“Actually it’s not so new,” says a Symantec spokesperson. “Kneber is the same as the ZeuS bot, which Symantec has been monitoring for a while now.”)

The Kneber botnet has reportedly breached nearly 75,000 computers at 374 US companies and government organizations, with the goal of harvesting login credentials for online financial accounts, social networking sites, and email systems. The compromised systems include those at some commercial enterprises such as Merck (a pharmaceutical company) and Paramount Pictures.

Computers with up-to-date security software should already be protected from this threat, but users should not depend on malware protection alone. “There are ‘less technical ways’ to detect the botnet,” Johannes Ullrich, chief research officer for the SANS Institute, says. “For example, the bot may inject additional pages into online banking login screens. If the user is all of a sudden asked for a secret question, Social Security number or other unusual items during the login process, abort the login, and call your bank or try the login from another computer.”

Read the full story at MSNBC or at Computerworld.


About MIT
IT Security Awareness Consultant and Communications Specialist at MIT

Comments are closed.

%d bloggers like this: