Torpig.Mebroot

Analysis

Torpig is a backdoor trojan that can install a fraudulent certificate intended to make a victim believe they are visiting an SSL-secured website even though they are not. It can intercept Windows API calls and steal usernames and passwords.

Its main focus is capturing banking credentials.

More details can be found in our write-up "Hungry Hungry Botnets: A Look at Torpig".
