Torpig: Difference between revisions
Content deleted Content added
mebroot + timeline |
slashdot coverage |
||
| Line 18: | Line 18: | ||
*http://windowssecrets.com/2008/11/26/03-Antivirus-tools-try-to-remove-Sinowal-Mebroot |
*http://windowssecrets.com/2008/11/26/03-Antivirus-tools-try-to-remove-Sinowal-Mebroot |
||
*[http://www.cs.ucsb.edu/%7Eseclab/projects/torpig/ Taking over the Torpig botnet], UCSB, April 2009 |
*[http://www.cs.ucsb.edu/%7Eseclab/projects/torpig/ Taking over the Torpig botnet], UCSB, April 2009 |
||
*[http://tech.slashdot.org/article.pl?sid=09/05/04/0212214 Torpig Botnet Hijacked and Dissected] covered on Slashdot, May 2009 |
|||
[[Category:Botnets]] |
[[Category:Botnets]] |
||
Revision as of 11:54, 4 May 2009
Torpig, also known as Sinowal (based on Mebroot), is a type of Trojan horse which can affect computers using Microsoft Windows as their operating system. Torpig turns off anti-virus applications, allows others to access the computer, modifies data on the computer, steals confidential information (such as user passwords and other sensitive data) and installs more malware on the victim's computer.
As of November 2008 it has been responsible for stealing the details of about 500,000 online bank accounts and credit and debit cards and is described as "one of the most advanced pieces of crimeware ever created".[1]
References
See also
External links
- http://www.f-secure.com/weblog/archives/00001393.html
- http://www.rsa.com/blog/blog_entry.aspx?id=1378
- http://www.windowssecrets.com/2008/11/20/03-Dont-be-a-victim-of-Sinowal-the-super-Trojan
- http://windowssecrets.com/2008/11/26/03-Antivirus-tools-try-to-remove-Sinowal-Mebroot
- Taking over the Torpig botnet, UCSB, April 2009
- Torpig Botnet Hijacked and Dissected covered on Slashdot, May 2009