Symantec is warning computer users to keep anti-virus tools up to date, after discovering an information-stealing botnet that has compromised 1,100 NHS computers. The security firm said in a blog post that it had been monitoring two FTP servers related to the Qakbot botnet, and found that it had uploaded 4GB of confidential information in just two weeks.
The data included online banking and credit card information, social network and webmail credentials and internet search histories. “One unusual aspect of Qakbot is that, even though its purpose is to steal information associated with home users, it has also been successful at compromising computers in corporate environments and government departments,” the blog noted.
“For instance, there are over 100 compromised computers on a Brazilian regional government network. More alarmingly, the logs show a significant Qakbot infection on a major national health organisation network in the UK.” However, despite the worryingly high number of infected NHS computers, Symantec said that there is currently no evidence to suggest that any customer or patient data has been stolen.
“If you are reading this and are worried about malicious third parties gaining access to your online accounts, now would be a good time to ensure that you change all of your passwords related to your online presence,” the blog post advised. “What’s clear from the data we have analysed is that people use bad habits for creating their passwords.”