Chinese and European hackers gained access to government computers at 10 federal agencies during a recently discovered malware attack.
NetWitness, a Virginia-based private security firm, discovered the breaches at federal agencies and about 2,500 companies worldwide, and announced the findings in a Feb. 17 report. NetWitness did not disclose which agencies were attacked, but the malware appeared to be aimed more at gathering financial and personal login information from private corporations than state secrets. It affects computers running on Microsoft Windows operating systems.
Affected computers are infected with a botnet named ZeuS, which collects and feeds the hackers personal information, including data typed to enter encrypted Web sites and cookies, which store credentials for individual Web sites.
The botnet can also insert additional forms on Web sites to get users to enter more personal information than the site legitimately needs. The malware may have been active since March 2009, according to the report. The botnet is difficult to detect and buries itself deep within computers where users can’t find it, the report states.
Egypt, Mexico, Saudi Arabia, Turkey and the U.S. are the countries with the most infected computers, the report concludes.
This botnet’s spread provides a good lesson for any computer user — don’t click on any e-mails or social networking links that you don’t trust. If you get a message purporting to be from your bank, check the e-mail address — is it legitimate? Does your bank use e-mail to communicate with you? Don’t enter any information in sites you aren’t confident are legitimate. And if you think you may have an infected computer, talk to your IT professionals as soon as possible. This is a persistent botnet you don’t want lingering on your machine.
