Torpig: Difference between revisions
Content deleted Content added
No edit summary |
adding link to UCSB Seclab paper entitled ""Your Botnet is My Botnet: Analysis of a Botnet Takeover" |
||
| Line 12: | Line 12: | ||
*http://www.windowssecrets.com/2008/11/20/03-Dont-be-a-victim-of-Sinowal-the-super-Trojan |
*http://www.windowssecrets.com/2008/11/20/03-Dont-be-a-victim-of-Sinowal-the-super-Trojan |
||
*http://windowssecrets.com/2008/11/26/03-Antivirus-tools-try-to-remove-Sinowal-Mebroot |
*http://windowssecrets.com/2008/11/26/03-Antivirus-tools-try-to-remove-Sinowal-Mebroot |
||
*[http://www.cs.ucsb.edu/%7Eseclab/projects/torpig/ Taking over the Torpig botnet], UCSB, April 2009 |
|||
[[Category:Trojan horses]] |
[[Category:Trojan horses]] |
||
Revision as of 10:10, 4 May 2009
Torpig, also known as Sinowal and Mebroot, is a type of Trojan horse which can affect computers using Microsoft Windows as their operating system. Torpig turns off anti-virus applications, allows others to access the computer, modifies data on the computer, steals confidential information (such as user passwords and other sensitive data) and installs more malware on the victim's computer.
As of November 2008 it has been responsible for stealing the details of about 500,000 online bank accounts and credit and debit cards and is described as "one of the most advanced pieces of crimeware ever created".[1]
References
External links
- http://www.f-secure.com/weblog/archives/00001393.html
- http://www.rsa.com/blog/blog_entry.aspx?id=1378
- http://www.windowssecrets.com/2008/11/20/03-Dont-be-a-victim-of-Sinowal-the-super-Trojan
- http://windowssecrets.com/2008/11/26/03-Antivirus-tools-try-to-remove-Sinowal-Mebroot
- Taking over the Torpig botnet, UCSB, April 2009