
Torpig: visit of a botnet
2009/05/05
No, I am not going to tell you yet another story about the swine flu. Researchers from the University of Santa Barbara in California published a report on their discoveries after temporarily taking control of the command system of the Torpig botnet.
This botnet is made up of victims of a certain piece of malware (Torpig/Sinowal/Anserin) which targets Microsoft Windows systems. According to previous accounts, it was first spotted in February 2006 (according to RSA) or in July 2005 according to other sources. It has thus been almost four years since the birth of this trojan, and it is still very active!
In the conclusions of their report, the researchers from Santa Barbara, quoted by ZDNet this week, found that this malicious software can collect millions of passwords, thousands of credit card numbers or bank account credentials in a ten-day period. They are maintaining a project webpage.
This is a new example of the techniques that are necessary today to efficiently collect information about these botnets: penetrating their command centres. Today, such methods for collecting evidence remain illegal in Europe (and even research conducted in this manner could be questioned).

