Data-stealing 'Mumba' botnet hits 55,000 systems

A criminal gang has stolen over 60GB of data using a botnet that has infected around 55,000 computers around the world, according to a report from security company AVG.

The botnet, which AVG has dubbed 'Mumba', has compromised systems in the UK, as well as in the US, Germany and Spain, the company said in a report (PDF link) released on Monday. The stolen credentials found by AVG's researchers includes bank account numbers, credit card details and social-networking logins.

"The Mumba botnet — so called because of some funky attributes our researchers found on the server — was created by one of the most sophisticated group of cybercriminals on the internet known as the Avalanche Group," AVG said in a blog post. The cyber-gang used the botnet to host phishing sites, store collected data and spread data-stealing malware, according to the report. AVG's researchers found that the compromised computers were spreading four different variants of the Zeus data-stealing Trojan.

The Mumba botnet uses a fast-flux infrastructure to minimise the risk to the criminal of takedown by law enforcement and other agencies. Fast-flux systems hide command-and-control servers within the body of infected computers by constantly reallocating the server.

For more on this story read Data-stealing 'Mumba' botnet hits 55,000 systems on ZDNet UK.