IT Security NEWS
03 May 2009
Botnet stole 70GB worth of data in 10 days
Hijacking doesn't happen only in planes, and it doesn't have to be bad.
Security researchers have successfully hijacked the Torpig botnet (also called Sinowal and Anserin) and discovered 70GB worth of data that was stolen over a 10-day period. In doing so, the research team from the University of California at Santa Barbara also learned how one of the most infamous zombie networks in the world operates.
The 70GB of data included over 8,300 credentials for 410 different financial institutions, with more than 20 percent of those accounts belonging to PayPal users. In total, nearly 298,000 unique credentials were stolen from over 52,000 infected machines.
How did Torpig carry out such a large theft? The key is its ability to capture credentials from a wide array of programs, including Microsoft Outlook, Mozilla Thunderbird, Skype, and ICQ; some 26 other applications were also intercepted by Torpig. It watches the keystrokes entered in each of these programs and automatically sends fresh data to its servers three times an hour. And because the malware runs at a low level, passwords are intercepted before Secure Sockets Layer (SSL) or similar software has a chance to encrypt them.
How did the research team seize the formidable botnet? They examined a weakness in the way the Torpig botnet updates its master control channels, registered one of the domains on that list, and used it to manage the infected machines that sent their reports to it. They observed the botnet's behaviour for the following 10 days, until the operators won back control.
Overall, the research team discovered over 180,000 infected computers, which were linked to over a million IP addresses. This finding underlines the need for a sound way of measuring a botnet's true size and, above all, for not jumping to the conclusion that the number of unique IP addresses equals the number of zombies involved. "Taking this value as the botnet size would overestimate the actual size by an order of magnitude," the researchers warned.
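The sizing point above, as an added example that is not the researchers' code: it tallies constructed sink-hole log lines to show how unique IP addresses overcount bots whose addresses change (DHCP churn) and undercount bots that share one address (NAT). It assumes each phone-home record carries a hypothetical per-machine identifier, `bot_id`, which the page does not describe.

```python
"""Estimate botnet size from sink-hole logs: unique IPs vs. unique bots.

Added example. The 'bot_id' field is an assumed per-machine identifier;
the log lines are constructed, not real observations.
"""
from collections import defaultdict

# Constructed sink-hole records: "<timestamp> <source_ip> <bot_id>"
SINKHOLE_LOG = """\
2009-01-25T10:00:00 203.0.113.5 bot-a1
2009-01-25T10:20:00 203.0.113.5 bot-a1
2009-01-25T22:40:00 203.0.113.77 bot-a1
2009-01-26T03:00:00 198.51.100.9 bot-a1
2009-01-25T11:00:00 198.51.100.20 bot-b2
2009-01-26T11:00:00 198.51.100.21 bot-b2
2009-01-27T11:00:00 198.51.100.22 bot-b2
2009-01-25T12:00:00 192.0.2.33 bot-c3
2009-01-26T12:00:00 192.0.2.33 bot-d4
"""


def parse_records(text):
    """Split log text into (timestamp, ip, bot_id) tuples, skipping blanks."""
    records = []
    for line in text.splitlines():
        if line.strip():
            ts, ip, bot_id = line.split()
            records.append((ts, ip, bot_id))
    return records


def size_estimates(records):
    """Compare the naive IP-based count with the identifier-based count."""
    ips_per_bot = defaultdict(set)   # DHCP churn: one bot, many addresses
    bots_per_ip = defaultdict(set)   # NAT: one address, many bots
    for _, ip, bot_id in records:
        ips_per_bot[bot_id].add(ip)
        bots_per_ip[ip].add(bot_id)
    unique_ips, unique_bots = len(bots_per_ip), len(ips_per_bot)
    return {
        "unique_ips": unique_ips,
        "unique_bots": unique_bots,
        "overestimate_factor": unique_ips / unique_bots,
        "max_ips_one_bot": max(len(s) for s in ips_per_bot.values()),
        "shared_ips": sum(1 for s in bots_per_ip.values() if len(s) > 1),
    }


if __name__ == "__main__":
    print(size_estimates(parse_records(SINKHOLE_LOG)))
```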