The owner of one botnet said in a recent interview on Reddit that its bots work as Tor relays, helping other users, and that traffic from the command server also goes through the anonymizer network. This is probably the very botnet that G Data SecurityLabs has just discovered. Experts at G Data SecurityLabs reported that the botnet they found uses the classic P2P scheme, in which each bot can establish a direct connection with another bot. These communications are also carried over the Tor network, that is, the bots work as relays, exactly matching the description given by the anonymous student on Reddit. The owners of the C&C server only need to send a command to one bot in the network, and it will pass the command on to the rest.

In fact, a similar P2P scheme of botnet operation has been in use for a long time, which gives the authorities the chance to intercept control of the botnet. Using Tor is the next step in the evolution of botnets. In this case, researchers at G Data SecurityLabs say, the owners have hidden the IRC server that issues the commands behind the anonymizer. This solves several problems for them at once: it hides the server, makes it harder to intercept control of the botnet, makes the traffic harder to block, and simplifies protocol development: they do not need to develop a new encrypted protocol, since ordinary IRC running over Tor is enough.
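From the defender's side, the detail that the bots act as Tor relays is the useful one: a relay accepts inbound connections from other relays, while an ordinary Tor client only connects outward. The sketch below is an added example, not code from G Data or the original post; the flow records, the relay set and the internal range are constructed, and in practice the relay addresses would come from the public Tor consensus.

```python
import ipaddress
from collections import defaultdict

# Assumption: the monitored network is 10.0.0.0/8.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")

# Constructed relay set (documentation address ranges, not real relays).
TOR_RELAYS = {"198.51.100.10", "198.51.100.11", "203.0.113.5"}

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.0.0.7", "198.51.100.10", 9001),  # host 7 connects out to a relay
    ("10.0.0.7", "198.51.100.11", 443),
    ("198.51.100.10", "10.0.0.7", 9001),  # relays connect in to host 7
    ("203.0.113.5", "10.0.0.7", 9001),
    ("10.0.0.8", "198.51.100.10", 9001),  # host 8: outbound only
    ("10.0.0.9", "192.0.2.80", 443),      # host 9: no Tor contact at all
]


def is_internal(ip):
    """True if the address belongs to the monitored network."""
    return ipaddress.ip_address(ip) in INTERNAL_NET


def classify_hosts(flows, relays):
    """Map each internal host that touches Tor to 'relay-like' or 'tor-client'.

    'relay-like' means known relays opened connections to the host, which is
    what a machine behaves like when it is itself relaying Tor traffic.
    """
    outbound = defaultdict(set)  # internal host -> relays it connected to
    inbound = defaultdict(set)   # internal host -> relays that connected to it
    for src, dst, _port in flows:
        if is_internal(src) and dst in relays:
            outbound[src].add(dst)
        elif is_internal(dst) and src in relays:
            inbound[dst].add(src)
    verdicts = {}
    for host in set(outbound) | set(inbound):
        verdicts[host] = "relay-like" if inbound.get(host) else "tor-client"
    return verdicts


if __name__ == "__main__":
    for host, verdict in sorted(classify_hosts(FLOWS, TOR_RELAYS).items()):
        print(host, verdict)
```

A workstation flagged as relay-like is worth triage, since end-user machines rarely have a reason to relay Tor traffic.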