Researchers managed to compromise a Torpig botnet

Security researchers have infiltrated the Torpig botnet which had stolen 70 GB worth of data in 10 days. It was revealed that Torpig bots have stolen more than 8,300 credentials used to login to 410 different financial institutions, states a research team from the University of California at Santa Barbara. It is also known that over 21 percent of the accounts belonged to PayPal users. 

The researchers found that the reason Torpig was so “successful” was that it could siphon credentials from a large number of computer programs, including Mozilla Thunderbird, Microsoft Outlook, Skype, ICQ, and 26 other applications. Every 20 minutes, the malware automatically uploaded new data to servers controlled by the botnet managers. 

The botnet was hijacked due to its weaknesses in the way it updates the master control channels used to send new instructions to the machines it controls. 

Moreover, infiltrating Torpig the researchers were able to watch infected users. One victim, an agent for an at-home, distributed call center, transmitted no fewer than 30 credit card numbers at the time of observation. The report also documented an epidemic of lax password policy. It was also noted that almost 28 percent of victims reused their passwords, and over 40 percent of passwords could be guessed in 75 minutes or less using the popular John the Ripper password cracking program.