More than 1000 desktop computer systems owned by the National Health Service (NHS) have been infected with Qakbot, a botnet that steals data, but which appears not to have harvested any patient information.
The data stealing worm Qakbot has infected over 1,100 separate systems, according to security vendor Symantec. Essentially the botnet tries to steal login details for file transfer protocol (FTP) accounts, and email logins which use post office protocol (POP) 3.
“For instance, there are over 100 compromised computers on a Brazilian regional government network. More alarmingly, the logs show that there is a significant Qakbot infection on a major national health organisation network in the UK,” he wrote.
“This threat has managed to infect over 1,100 separate computers that are spread across multiple subnets within their network. We have attempted to contact the affected parties and have no evidence to show that any customer or patient data has been stolen. Given that these figures are based on the evidence from logs obtained from only two servers over two weeks, the actual numbers may be higher,” Fitzgerald warned.
Qakbot is designed to monitor compromised computers for sensitive information and works by recording the suggestions brought up by the autocomplete features of browsers. It is also capable of stealing data (up to 2GB per week) such as online banking information, credit card information, social network credentials and email account information as well as Internet search histories.
Symantec warned earlier this week that the physical theft or loss of a device containing corporate information is the largest single reason for data breaches. The security vendor found in its latest Global Internet Security Report that corporate IT systems are facing increasingly targeted attacks.
Indeed, Symante has previously revealed the heavy price of cyber attacks and the corporate security measures to tackle them, after it conducted a study that found that cyber attacks are costing enterprises around $2 million (£1.3m) per year.
The headaches posed by data breaches are nothing new. Back in February for example, a critical server at the Valdosta State University in Georgia was hacked, an attack that compromised highly sensitive personal information of thousands of students and staff.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…