A Zeus version 2 botnet controlling more than 100,000 computers to steal online banking and card details in the UK has been uncovered by security outfit Trusteer.
The botnet, operated and controlled from Eastern Europe, has been used by crooks to harvest online account IDs, login information to banks, credit and debit card numbers, bank statements and other data, says Trusteer.
The firm says it discovered the extent of the botnet after gaining access to its drop servers and command and control centre which contained the stolen information. The vendor is now passing on its findings to UK authorities.
Amit Klein, CTO, Trusteer, says: "This is just one out of many Zeus 2 botnets operating all over the world. What is especially worrying is that this botnet doesn't just stop at user IDs and passwords. By harvesting client side certificates and cookies, the cybercriminals can extract a lot of extra information on the user, that can be used to augment their illegal access to those users' online accounts."
Klein says the botnet is the latest example of a growing trend of regional malware where the cybercriminals operate targeted and segmented attacks on users, harvesting revenue from one bank's users one day beofre moving onto another the next.