Cyberattack had control of more than 74,000 computers.

In Uncategorized on February 23, 2010 by nimmida

Over the past year-and-a-half, the criminals behind the cyberattack had control of personal, corporate and government computers at over 2,500 organizations around the world. These machines have been found to be zombies in the newly discovered “Kneber botnet.”

NetWitness, a computer security company headed by former DHS cybersecurity director Amit Yoran, discovered more than 75 gigabytes of stolen data during routine analytic tasks as part of an evaluation of a client network. The company said the data turned out to be the product of a botnet of over 74,000 computers, that the malware used to create the botnet was recognized by less than 10% of antivirus software, and that the botnet’s network communication was not recognized by existing intrusion detection systems.

The cache of stolen data included about 68,000 corporate login credentials, access to e-mail accounts, online banking sites, Facebook, Yahoo, Hotmail, and other social networking sites. It also included almost 2,000 SSL certificate files, which are used for activities like online banking or connecting to a VPN.

Yoran suggests that this botnet makes Operation Aurora, the cyber attack directed at Google and 33 other companies last December, look unimportant. “While Operation Aurora shed light on advanced threats from sponsored adversaries, the number of compromised companies and organizations pales in comparison to this single botnet,” he said. “These large-scale compromises of enterprise networks have reached epidemic levels. Cyber criminal elements, like the Kneber crew, quietly and diligently target and compromise thousands of government and commercial organizations across the globe.”

As the botnet epidemic continues to evolve and its potential negative ramifications become clearer, it is more important than ever to employ consistent and proactive malware security measures. The FireEye Malware Intelligence Lab outlines guidelines to combat the global botnet epidemic.

Cyber criminals are relentless in their activities and are continually fine-tuning their malware. Both individuals and organizations need to incorporate measures for minimizing the damage of data breaches due to malware. Stealth malware is an invasive element seeking to profit from illegal access into a network.