Herndon, Va., forensics firm NetWitness has said that the Zeus botnet has breached the networks of nearly 2,500 organizations in nearly 200 countries, including 10 U.S. federal agencies. NetWitness researchers said many victims are Fortune 500 companies in energy, finance and high tech sectors.
NetWitness based its conclusions on information from a 75-gigabyte collection of data that they intercepted. It was information the botnet had stolen in one month.
The Zeus botnet, which started in 2008, is believed to have 74,000 machines infected.
Researchers said the group behind Zeus also had machines infected with Waledac and had changed instructions in the botnet several times in order to find and steal different types of data.
The botnet controllers, using servers in Germany and the Netherlands, had breached networks in 196 countries including Egypt, Mexico, Saudi Arabia, Turkey, and the U.S.