The latest virus -- known as Kneber botnet -- gathers login credentials to online financial systems, social networking sites and email systems from infested computers and reports the information back to hackers, NetWitness said in a statement.
A botnet is an army of infected computers that hackers can control from a central machine.
The company said the attack was first discovered in January during a routine deployment of NetWitness software.
Further investigation by the Herndon, Virginia-based software security firm revealed that many commercial and government systems were compromised, including 68,000 corporate login credentials and access to email systems, online banking sites, Yahoo, Hotmail and social networks such as Facebook.
Conventional malware protection and signature-based intrusion detection systems are, by definition, inadequate for addressing Kneber or most other advanced threats, Chief Executive Amit Yoran said in a statement.
(Reporting by Sakthi Prasad in Bangalore; Editing by Eric Auchard in London)