Infection rates from the Qakbot worm have skyrocketed since the beginning of April when the worm's authors "seeded new variants," according to Symantec researchers.
New variants of Qakbot typically have appeared every few months for the past two years, but not like the latest outbreak.
"It has not been this big of a deal before," Symantec principal security response manager Vikram Thakur said. "They are clearly pushing hard."
Rates have died down since a peak in late April now that anti-virus products have caught up with the new variants, but not before there were hundreds of thousands of infections.
"There are several information-stealing trojans or threats out there," Thakur said. "This one is pretty high on the list...Once the malware gets on the computer, it knows very well what to do. There are very few things it relies on its control server for. It has a lot more in-built [than previous variants]."
Qakbot may not have the complexity and name recognition of other data-stealing malware, such as Zeus, but arguably can spread faster.
According to Symantec, the worm propagates via network and removable drives and through infected web pages.
"It spreads like wildfire," Thakur said. "This is something that all computer users need to watch out for, especially in corporations because they make use of a lot more impactable propagation vectors."
"The corporate customers [as opposed to home users] are a little bit more susceptible to getting infected by this worm."