Data Breach Alert: Hundreds of thousands of computers infected by Russian hackers

Posted by Joe on August 6th, 2008

Thanks for visiting the NextAdvisor Daily blog. You may want to subscribe to our RSS feed.

A group of hackers, likely based in Russia, may have infected as many as 378,000 PCs over a 16 month period with a software program, called Coreflood, that could extract significant amounts of personal information from the computer owner. The attack was targeted against large corporations and government agencies.

Most corporate or government networks are maintained by a small group of administrators, often just a single person. These administrators use certain tools to interact with dozens or even thousands of computers at once. In this case, hackers were able to leverage these same tools to distribute a malicious software, or malware, program. This malware is able to record keystrokes which, in turn, exposes untold types of personal information, such as passwords, bank account details, social security numbers, email accounts and more, to the criminals involved.

These types of administrative attacks are nothing new according to Joe Stewart, the security expert that discovered the attacks and reported them to the FBI. Stewart told the New York Times that he had been able to track the perpetrators to the Ukraine by way of a data center located in Wisconsin. The hackers had used the midwest data center to control as many as 100,000 computers at the time Stewart discovered the operation.

Unfortunately, hundreds of thousands of individuals who likely believed that their personal information was secure on a business computer have been victimized. This case shows how important it is for each individual computer user to take control of their PC's security, even if it is a company owned computer. To learn more, read our guide to Internet security software programs that can help prevent malicious attacks from viruses, spyware, phishers and email spammers.

• Mozy and Carbonite receive high marks in security
• Hackers gain access to sensitive data from 100,000 websites
• Identity Theft Restitution Act adds harsher federal penalties for identity thieves and hackers
• Data Breach Alert: Over 10 million eBay Korea users impacted in massive hack
• Data Breach Alert: 60,000 impacted in Ohio data breach