Botnet Hacked for Good: A Glance Into Information Stealing

Stolen passwords, credit card information and personal e-mails were in abundance at a botnet hacked by University of California Santa Barbara researchers earlier this year. The Torpig botnet, like many others, quietly infects Windows computers and harvests personal and financial information. In a project intended to assess the damage, the researchers took over the botnet for just one hour, and in that time they found 300,000 login credentials, 56,000 passwords, 8,310 financial account credentials and hundreds of personal communications. In a ten-day period, the Torpig controllers may have stolen $83,000 to $8.3 million with the help of infected computers. Scarier still, the researchers said breached financial institutions require a “monumental effort” to notify botnet victims. The upswing? If you’re a somewhat tech-savvy computer user with virus scan software and complex passwords (i.e., not the name of your dog), you’re probably fine. [Study (PDF) via Ars Technica]