Most major U.S. corporations--up to 88 percent of the Fortune 500 companies--may be affected by botnet activity from computers compromised by the Zeus data-stealing Trojan, according to an RSA study released Wednesday.
Anti-Trojan services analyzed data stolen by Zeus from infected computers in August and traced evidence back to IP addresses and e-mail addresses belonging to the corporations, said Sean Brady, manager of the Identity Protection and Verification Group at RSA, which is the security division of EMC.
Specifically, "domains individually representing 88 percent of the Fortune 500 were shown to have been accessed to some extent by computers infected by the Zeus Trojan," the study said.
Among the stolen data found on the sites where infected computers drop the stolen data was compromised e-mail addresses from about 60 percent of the firms.
The analysis excluded about 20 consumer-focused brands, Google, due to the sheer volume of data they have on the Web, said Brady.
Companies with fewer than 75,000 employees appeared to have the highest ratio of botnet activity and compromised e-mail addresses to employee counts, according to the report.