Researchers Expose Botnet Packing 60GB of Stolen Data

Dennis Faas's picture

A recently discovered botnet packing approximately 60 gigabytes (GB) of passwords and other stolen data has been opened up by security researchers. The crack was made in spite of the botnet's difficult-to-detect, self-cloaking ability.

Known as Mumba, the botnet intercepted and amassed data from 55,000 PCs when it was first investigated, says security firm AVG. It's believed well-known data thieves "Avalanche Group" were responsible for the botnet. According to a report earlier in 2010, Avalanche was responsible for about two in every three phishing attacks during the last six months of 2009. (Source:

Phishers Pose Sophisticated Threat

AVG says Avalanche Group and data thieves like them pose an enormous threat to Internet users -- and the chance of being attacked is only getting worse.

"These criminals are some of the most sophisticated on the Internet, and have perfected a mass-production system for deploying phishing sites and 'crimeware,'" AVG noted in a report released earlier this week. "This means that mitigating the threat by going after the servers hosting the data using the 'Mumba' botnet is now much harder than before." (Source:

They're not kidding: according to AVG, Mumba uses four variations of the Zeus malware to swipe data from machines that have been compromised. "Zeus version now supports the latest Microsoft operating system -- Windows 7, and is able to steal [web] traffic data from the Mozilla Firefox browser," AVG said.

U.S. Machines Most Targeted

AVG found a wide range of data types within Mumba. Reports say stolen information ranged in style from passwords to social networking accounts, to banking data to credit card numbers. Even intercepted emails were found inside. (Source:

American computers represented the prime target of Mumba, with one in every three compromised machines being from the U.S. Surprisingly, Denmark ran second at 17 per cent, Spain at 7 per cent, Britain at 6 per cent, with a wide collection of countries coming in after that.

AVG earlier this year discovered a similar botnet researchers found had acquired information from approximately 74,000 compromised computers, many of those being owned by Fortune 500 companies.

| Tags:
Rate this article: 
No votes yet