The Sinowal Trojan, or Torpig, or Mebroot, or whatever other name you would like to give the thing, has been thriving on PCs around the world for almost 3 years now. That is not because no anti-virus or anti-malware program can remove it; it is because of the apathy of users and network admins who will get around to that patch or update next Monday. That is, of course, assuming that they are even aware of the updates and patches, rather than simply waiting for their nephew who knows computers to visit at Christmas and clean up the PC. The net needs people to either act as or create antibodies for the Internet, as the user base is untrustworthy at the very least. This idea is being worked on (pdf), but it will take a long while before the antibodies can be effective, and perhaps even longer before nematodes and other beneficial worms are not perceived as intruders by admins. In the meantime, take heart in the news that Torpig has been dragged onto the operating table, dissected, examined and reconstructed. Read about it at Slashdot.

“A team of researchers at UC Santa Barbara have hijacked the infamous Torpig botnet for 10 days. They have released a report (PDF) that describes how that was done and the data they collected. They observed more than 180K infected machines (this is the number of actual bots, not just IP addresses), collected 70GB of data stolen by the Torpig trojan, extracted almost 10K bank accounts and credit card numbers worth hundreds of thousands of dollars in the underground market, and examined the privacy threats that this trojan poses to its victims. Considering that Torpig has been around at least since 2006, isn’t it time to finally get rid of it?”

