Searching for Botnet Command & Controls
Orange Eater writes "eWeek has a story about a group of high-profile security researchers intensifying the search for the command-and-control infrastructure used to power botnets for malicious use. The idea is to open up a new reporting mechanism for ISPs and IT administrators to report botnet activity." From the article: "Operating under the theory that if you kill the head, the body will follow, a group of high-profile security researchers is ramping up efforts to find and disable the command-and-control infrastructure that powers millions of zombie drone machines, or bots, hijacked by malicious hackers."
What I don't understand (Score:4, Informative)
Are all botnet operators dumb? There's a whole heap of things botnet operators could do to insulate themselves and their networks from attack. Examples:
Those are just off the top of my head; I'm sure if it was my actual job to operate a botnet I could come up with something far more sophisticated. So why don't botnet operators do this? Are they all dumb?
Re:What I don't understand (Score:3, Informative)
Enforcement? Hello? (Score:5, Informative)
Re:Enforcement? Hello? (Score:0, Informative)
We notified the FBI. The conversation went something like this:
FBI: How much money did your company lose as a result of this attack?
Us: Well maybe a thousand dollars from lost customers, etc.
FBI: If there wasn't $10,000 in damage we can't help you.
It's not that hard. (Score:4, Informative)
I've done it many times whenever I've managed to isolate one of these trojans in Virtual PC. I've also watched the commanders having a great big "LOL" in channel, and felt awful that if I said anything it'd blow my cover. Try it today.