A group of hackers, probably based in Russia, may have infected up to 378,000 on a PC 16 months with a software program called Coreflood, which could extract significant amounts of personal information from the computer's owner. The attack was directed against large companies and government agencies.
Most corporate or government networks are maintained by a small group of administrators, often just one person. These administrators use some tools to interact with dozens or even thousands of computers at once. In this case, hackers were able to take advantage of these tools to distribute malicious software, or malware program. This malware can record keystrokes, which, in turn, exposes countless types of personal information such as passwords, details of bank accounts, social security numbers, email accounts and more for criminals involved.
These types of administrative attacks are not new, according to Joe Stewart, security expert who discovered the attacks and bring them to the FBI. Stewart told the New York Times that he was able to track the perpetrators of Ukraine through a data center located in Wisconsin. The pirates had used the midwest data center to control as much as 100,000 computers at Stewart discovered the operation.
Unfortunately, hundreds of thousands of people probably believed that their personal information was secured on a company computer were victims. This case shows how important it is for each user of the computer to take control of the security of their PC, even if it is a computer of the investee. To learn more, read our guide to Internet security software programs that can help prevent malicious attacks against viruses, spyware, phishers and email spammers.