Global botnet hits Kiwis too

At least 10,000 New Zealand computers have been taken over by malicious hackers, who are already selling sensitive information online.

Almost two million PCs globally, including machines inside UK and US government departments have been infected, allowing hackers to remotely control private computers to take screen shots, record keystrokes, and access emails.

Security experts Finjan traced the giant network of remotely-controlled PCs, called a botnet, back to a gang of cyber criminals in Ukraine.

Finjan Security spokesman Neil Stinchcombe told the Herald last night "At least 10,000 New Zealand computers have definitely been affected," adding that the malicious software, which targeted corporate, government and consumer computers, would only be detected by sophisticated security systems.

He said the botnet software could sit on your computer undetected for months. "It is difficult to know whether you have it on your computer or not. Unless someone is sucking data from your PC you might never realise..."

The cyber criminals, who were still at large, were selling access to the compromised machines, thought to be mainly PCs inside companies, on hackers' forums.

One thousand machines were being sold at a time for between US$50 and $100.

Once a machine has been infected by a botnet, it can be instructed to download further software, which puts the machine at the mercy of hackers.

If a single machine inside a corporate network has been made part of the infected network it puts other machines on the network at risk.

Finjan chief technical officer Yuval Ben-Itzhak said the large profit margins of cyber crime allowed gangs to hone their malicious software.

"The sophistication of the malware and the staggering amount of infected computers proves that cybergangs are raising the bar."

Last month, Finjan detected another Ukrainian cybercrime organisation which was selling fake anti-virus software, and estimated it was making $10,800 a day.