Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Torpig Trojan Horse Attack Activity

by Marianna Schmudlach Nov 6, 2008 8:06AM PST

added November 6, 2008 at 05:06 pm

US-CERT is aware of public reports of a high volume of financial accounts compromised by the Torpig (also known as Sinowal or Anserin) Trojan horse. This Trojan horse uses HTML injection to add fields to web pages in order to convince users to provide additional user credentials or financial account information. Systems compromised by this Trojan horse are being used by attackers to obtain FTP credentials, email addresses, and digital certificates of the current user.

This Trojan horse uses an MBR rootkit known as Mebroot. This rootkit contains configuration information for the Trojan horse as well as techniques used to keep the Trojan horse undetectable.

US-CERT encourages users to do the following preventative measures to mitigate the security risks:


More: http://www.us-cert.gov/current/current_activity.html#sinowal_trojan_activity

Discussion is locked

Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info