It's fair to say that security companies are keen to create marketing campaigns around the discovery or solution to various new threats (financial data security news). Creating this sort of awareness is a time honored technique. Still, NetWitness's announcement that it has discovered a new botnet, called the Kneber botnet, has garnered an unusual amount of media attention.

The Washington Post, for example, suggests it is "one of the largest and most sophisticated attacks by cybercriminals discovered to date." This is unsettling to say the least, coming on the heels of the massive attack on Google (Google news) and other companies.

According to NetWitness, the botnet "gathers login credentials to online financial systems, social networking sites and email systems from infested computers and reports the information to miscreants who can use it to break into accounts, steal corporate and government information, and replicate personal, online and financial identities."

The real story is the breadth of the new botnet. The company says the botnet has been able to infect commercial and government systems (data breaches news), including 68,000 corporate log-in credentials. More than 75,000 systems in 2,500 organizations around the world have been affected. Netbot apparently uses a well-known Trojan Horse--an illicit entry point--known as ZeuS. While this Trojan horse was thought to be used in attacking financial targets, it seems the uses are broader. Many of the machines infected with the Kneber botnet were also infected by a botnet known as Waledec, which suggests to the company that criminal crews may be teaming up. 

For more:
- here's a New York Times article
- here's a Washington Post article
- here's a press release

Related Articles:
Banks, exchanges hit with cyberattack? Really?
Steps to balance security and compliance
In malicious code case, a not guilty plea
Big battle: Security managers vs. auditors?