republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsJob BoardISP NewsFAQsForumsToolsDatabaseAbout 
 
   News
newer
story category IRC Botnet Control No Longer Fashionable
Botnet masters now more difficult to track
(old news - 07:58AM Friday Oct 20 2006)
tags: security
Cyber-criminals are using new methods to control their armies of infected computers, aka botnets - after the use of IRC as a control mechanism started making them easier to track. According to CNET, infected PCs now get commands from websites hosted on other infected machines. ""These bots look like people browsing the Web," ine analyst tells CNET. "The brilliance here--and I hate to compliment the botmasters--is that they know that there is a giant haystack of Web traffic, and if they hide their command-and-control there, it is harder to spot."

Related:
  1. VoIP Vulnerabilities Being Exposed Today
  2. Monday Morning Links
  3. Tuesday Morning Links
  4. Tuesday Evening Links
  5. Wednesday Evening Links
  6. Thursday Evening Links
  7. Monday Evening Links
  8. Tuesday Morning Links
Forums » IRC Botnet Control No Longer Fashionable
view: topics flat text 
Post a:

Phattieg

join:2001-04-29
Jacksonville, FL
·Verizon Wireless B..
·Sprint Mobile Broa..

WOW, it took them this long...

You know, it DOES suck that people have to be constantly subjected to attacks by these infections. You would think that the attackers would have done this sooner, but then again, I would imagine it's more time consuming to edit a page, and wait for your bots to come to it, versus just popping in a chatroom the bots are always in, and issue the command in realtime. Either way, this is no different than tracking BitTorrent files, as you have to have a point of reference in either case. It won't be long before there is trackers for this too. Give it to ol' Steve Gibson (www.grc.com). He'll have fun scaring the kids doing it.
--
SIPPhone/Gizmo # 17476200648 / PIMPNET Chatline / Ran by Asterisk & Slackware 10.1.
permalink · 2006-10-20 08:52:13 · Print · Reply to this
BosstonesOwn

join:2002-12-15
Everett, MA
clubs:
·Comcast Formerly ..

hmm

Makes it easier to disrupt and take control over also. Should be as easy as hijacking the domain or even the ip with a known good page or what ever is used to control the bot net.

If they use a domain they simply hijack the ip it looks up to until they break the net.

if they use an ip they can request the ip from the isp and just run a config to allow the systems to patch themselves then uninstall the bot software and backdoor or user that they used to gain access.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!"
permalink · 2006-10-20 12:32:21 · Print · Reply to this

shane349
Premium
join:2005-03-21
Delta, OH

Re: hmm

you cant hijack an ip.. if i want an ip from the planet rr will laugh at me. dont see that happening.. if that could be done, i would believe alot more irc servers wouldnt be here right now..
permalink · 2006-10-20 12:44:03 · Reply to this

Fatal Vector

join:2005-11-26

Re: hmm



For every scheme this scum can come up with, there is a counter. They may be clever, but there are a lot more people out there just as clever, if not more so. Just give it a little time. Sooner or later, the scum will run out of places to hide ad the pressure mounts.
permalink · 2006-10-20 13:10:20 · Reply to this
BosstonesOwn

join:2002-12-15
Everett, MA
clubs:
·Comcast Formerly ..
said by shane349 See Profile :

you cant hijack an ip.. if i want an ip from the planet rr will laugh at me. dont see that happening.. if that could be done, i would believe alot more irc servers wouldnt be here right now..
actually you can hijack an ip. you just need to be a very talented individual.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!"
permalink · 2006-10-23 07:20:27 · Print · Reply to this

dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ

IRC

IRC was the elegant way to do this. worked great until channels / servers started getting locked then the bots couldn't join. the same thing would happen with a web server. remove the page/access and your whole army goes AWOL. lol
--
You can never be too rich, too thin or have too much Bandwidth
permalink · 2006-10-20 17:41:21 · Reply to this

lucky644
Premium
join:2002-02-04

Re: IRC

said by dvd536 See Profile :

IRC was the elegant way to do this. worked great until channels / servers started getting locked then the bots couldn't join. the same thing would happen with a web server. remove the page/access and your whole army goes AWOL. lol
Not difficult if you hack into a unsecure server somewhere and install your own IRC network.

Channels won't get locked or closed, all you have to worry about is the server going down, which is why you have several...
permalink · 2006-10-20 21:57:54 · Print · Reply to this
Forums » IRC Botnet Control No Longer Fashionable

Tuesday, 07-Oct 17:56:55 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 9 years online! © 1999-2008 dslreports.com.republican-creole