Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Botnet hijacking reveals 70GB of stolen data - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Botnet hijacking reveals 70GB of stolen data

Thanks to our reader Crill today.  He gave us a heads up on an interesting research project recently conducted at a large university.

newsfeedresearcher.com/data/articles_t19/botnet-torpig-researchers.html

It appears that the university infiltrated a Torpig botnet and for 10 days they watched the botnet activity they discovered:

"During the ten days in which they had control of the botnet, the researchers made some interesting observations. Although they recorded more than 1.2 million IP addresses for infected systems, on the basis of unique bot IDs recorded, this turned out to represent only 180,000 systems."

And what did they find:

"Over these ten days Torpig sent large volumes of data to the researchers, including details of 8310 accounts at 410 different financial institutions."

Check out the link for the full report of what they found and more interesting facts. The scary thing is that this is just one of many of these types of botnet's wrecking havoc on the Internet everyday.  I know....  I deal with them continuously due to customer's with infected machines sending massive amounts of spam.  Shut one down and another takes its place.  The joy of the Internet. 

 

 

Deborah

272 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!