Why would botnet harvesting be done by domain name anyways? Wouldn't it be easier to collect systems by just running through accessible IP addresses?
RTFA. The bots are generating domain names which they then attempt to contact in order to re-connect with botnet control.
It's very clever, really. The algorithm can generate a near-endless list of domain names, and all the botnet owners have to do is register one of them and set it up to respond to the bots.
On the other hand, in order to block this attempt by the bots to re-connect with the botnet owner, you have to pre-emptively register ALL domains which the algorithm generates. So in the long run, it's not financially feasible to block this.
I assume that the researchers are now going to try to make arrangements directly with the registrars to block registration of such domains in the future -- hope they can get co-operation on this.
Say "twenty-three-skiddoo" to logout.
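A defender-side illustration of the behaviour described in the reply above, added here and not part of the original thread: a bot working through generated names hits mostly unregistered domains, so a resolver log shows a burst of distinct NXDOMAIN answers from one client, often followed by the one name that resolves. The log format, thresholds, addresses and domain names are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample resolver log: "<epoch> <client> <qname> <rcode>".
SAMPLE_LOG = """\
1000 10.0.0.5 www.example.com NOERROR
1001 10.0.0.7 qzkxvbtrw.example NXDOMAIN
1002 10.0.0.7 hvplmzqad.example NXDOMAIN
1003 10.0.0.7 tbwxkcfyo.example NXDOMAIN
1003 10.0.0.5 typo-exmaple.example NXDOMAIN
1004 10.0.0.7 rjdnsuqgl.example NXDOMAIN
1005 10.0.0.7 mcyvhzobe.example NOERROR
1006 10.0.0.7 hvplmzqad.example NXDOMAIN
1400 10.0.0.5 another-typo.example NXDOMAIN
"""

def parse(log):
    """Yield (ts, client, qname, rcode) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0].isdigit():
            yield int(parts[0]), parts[1], parts[2].lower().rstrip("."), parts[3]

def find_suspects(log, window=60, threshold=4):
    """Flag clients with >= threshold distinct NXDOMAIN names inside window seconds."""
    failed, resolved = defaultdict(list), defaultdict(list)
    for ts, client, qname, rcode in parse(log):
        if rcode == "NXDOMAIN":
            failed[client].append((ts, qname))
        elif rcode == "NOERROR":
            resolved[client].append((ts, qname))
    suspects = {}
    for client, events in failed.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window so it spans at most `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            names = {q for _, q in events[start:end + 1]}
            if len(names) >= threshold:
                burst_start = events[start][0]
                suspects[client] = {
                    "failed": sorted(names),
                    # Names that resolved after the burst began: candidates for
                    # the one domain the operators registered (heuristic only).
                    "resolved_after": [q for t, q in sorted(resolved[client]) if t >= burst_start],
                }
                break
    return suspects

if __name__ == "__main__":
    for client, info in find_suspects(SAMPLE_LOG).items():
        print(client, info)
```

Counting distinct names rather than raw failures keeps a client that retries one mistyped hostname from being flagged.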