Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Botnet hijacking reveals 70GB of stolen data

Published: 2009-05-07
Last Updated: 2009-05-07 23:47:24 UTC
by Deborah Hale (Version: 1)
0 comment(s)

Thanks to our reader Crill today.  He gave us a heads up on an interesting research project recently conducted at a large university.

newsfeedresearcher.com/data/articles_t19/botnet-torpig-researchers.html

It appears that the university infiltrated a Torpig botnet and for 10 days they watched the botnet activity they discovered:

"During the ten days in which they had control of the botnet, the researchers made some interesting observations. Although they recorded more than 1.2 million IP addresses for infected systems, on the basis of unique bot IDs recorded, this turned out to represent only 180,000 systems."

And what did they find:

"Over these ten days Torpig sent large volumes of data to the researchers, including details of 8310 accounts at 410 different financial institutions."

Check out the link for the full report of what they found and more interesting facts. The scary thing is that this is just one of many of these types of botnet's wrecking havoc on the Internet everyday.  I know....  I deal with them continuously due to customer's with infected machines sending massive amounts of spam.  Shut one down and another takes its place.  The joy of the Internet. 

 

 

Keywords: botnet
0 comment(s)
Diary Archives