Torpig (Zeus family)
Torpig is a sophisticated malware program designed to harvest sensitive information, such as bank account and credit card details, from its victims.
The Torpig botnet, the network of compromised PCs under the control of cybercriminals, is the main means for sending spam e-mails or stealing private information or credentials for online bank accounts. Torpig also uses a DGA (domain generation algorithm) to generate a list of domain names and locate the command-and-control servers used by the attackers.
Users are typically infected through drive-by downloads: a web page on a legitimate website is modified so that the visitor's browser requests JavaScript code from a web location controlled by the criminals. The infected computers run phishing attacks to obtain sensitive data from their victims.