Rajandran R Founder of Marketcalls and Co-Founder Algomojo. Full-Time Derivative Trader. Expert in Designing Trading Systems (Amibroker, Ninjatrader, Metatrader, Python, Pinescript). Trading the markets since 2006. Mentoring Traders on Trading System Designing, Market Profile, Orderflow and Trade Automation.

Financial Threats : Torpig botnet

1 min read

httpv://www.youtube.com/watch?v=2GdqoQJa6r4

 
Here is a one hour video lecture from Google about botnet attacks and phising scams using mebroot rootkit(A rootkit is a software program or coordinated set of programs designed to gain control over a computer system or network of computing systems without being detected.). I request my members to go through such video lecture to gain knowledge about this intelligent threat. As of November 2008 torpig botnet attack has been responsible for stealing the details of about 500,000 online bank accounts and credit and debit cards and is described as “one of the most advanced pieces of crimeware ever created”

Botnets, which are networks of malware-infected machines that are controlled by an adversary, are the root cause of a large number of security threats on the Internet. A particularly sophisticated and insidious type of bot is Torpig, also known as Sinowal or Anserin (mainly spread together with Mebroot rootkit), is a type of botnet spread by a variety of trojan horses which can affect computers that use Microsoft Windows. Torpig circumvents anti-virus applications through the use of rootkit technology and scans the infected system for credentials, accounts and passwords as well as potentially allowing attackers full access to the computer. It is also purportedly capable of modifying data on the computer. In this talk, we report on our efforts to take control of the Torpig botnet for ten days. Over this period, we observed more than 180 thousand infections and recorded more than 70 GB of data that the bots collected.

While botnets have been hijacked before, the Torpig botnet exhibits certain properties that make the analysis of the data particularly interesting. First, it is possible (with reasonable accuracy) to identify unique bot infections and relate that number to the more than 1.2 million IP addresses that contacted our command and control server during the ten day period. This shows that botnet estimates that are based on IP addresses are likely to report inflated numbers. Second, the Torpig botnet is large, targets a variety of applications, and gathers a rich and diverse set of information from the infected victims. This allowed us to perform interesting data analysis that goes well beyond simply counting the number of stolen credit cards. In this talk we will discuss the analysis that we performed on the data collected and the lessons learned from the analysis, as well as from the process of obtaining (and losing) the botnet.

Rajandran R Founder of Marketcalls and Co-Founder Algomojo. Full-Time Derivative Trader. Expert in Designing Trading Systems (Amibroker, Ninjatrader, Metatrader, Python, Pinescript). Trading the markets since 2006. Mentoring Traders on Trading System Designing, Market Profile, Orderflow and Trade Automation.

How to Send Automated Orders from Tradingview to Algomojo…

This tutorial explores how to send automated orders from Tradingview using webhook method to Algomojo Trading Platform. Webhook is a unique way of communicating...
Rajandran R
2 min read

TradersKart – One Stop Shop for Traders

TradersKart offers One-Stop E-commerce Solution for all the traders, where traders will get access to their trading needs. Traderskart provides the necessary tools required...
Rajandran R
53 sec read

New Margin Framework for Options Trading and Market Outlook…

In this tutorial, we covered detailed indepth insights on the current market structure and the outlook for June 2020. Also New Margin Framework which...
Rajandran R
22 sec read

Leave a Reply

Get Notifications, Alerts on Market Updates, Trading Tools, Automation & More