Monday, May 4, 2009

That's why my identity got stolen!

Slashdot points at a recent research paper regarding an infiltration of the Torpig botnet. The sheer amount of data that the botnet collects from the infected nodes is staggering- Roughly 180 thousand infected nodes and enough financial information to steal up to $8.3 million. Running a secure system may not even be enough to protect you, unfortunately:
While 86% of the victims contributed only a single card number, others offered a few more. Of particular interest is the case of a single victim from whom 30 credit card numbers were extracted. Upon manual examination, we discovered that the victim was an agent for an at-home, distributed call center. It seems that the card numbers were those of customers of the company that the agent was working for, and they were being entered into the call center’s central database for order processing.