Torpig

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Torpig, also known as Sinowal or Anserin (mainly spread together with Mebroot rootkit), is a type of botnet spread by a variety of trojan horses which can affect computers that use Microsoft Windows. Torpig circumvents anti-virus applications through the use of rootkit technology and scans the infected system for credentials, accounts and passwords as well as potentially allowing attackers full access to the computer. It is also purportedly capable of modifying data on the computer, and can perform man-in-the-browser attacks.

By November 2008, it was considered that Torpig had stolen the details of about 500,000 online bank accounts and credit and debit cards and was described as "one of the most advanced pieces of crimeware ever created".[1]

In early 2009, a team of security researchers from University of California, Santa Barbara took control of the botnet for ten days. During that time, they extracted an unprecedented amount (over 70 GB) of stolen data and redirected 1.2 million IPs on to their private command and control server. The report[2] goes into great detail about how the botnet operates.

See also[edit]

References[edit]

External links[edit]