[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Mirai Botnet Relocates To Onions

To: <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Mirai Botnet Relocates To Onions
From: Jason Long <hack3rcon@xxxxxxxxx>
Date: Sun, 18 Dec 2016 18:54:26 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 18 Dec 2016 13:59:11 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1482087534; bh=zIbKufagEEmC+LPyaDuaLCkeuofEW3qUfc1bEVRot5g=; h=Date:From:Reply-To:To:Subject:References:From:Subject; b=A6e+KQsxvjNWczbivdpG5DDOs9KxANX7Fbv6YUFjKFgjWcLJw9cXuBbGXqc6RWB+CVm+j0SizC2DU6plzonEoVL0si5V02xjqbNSK7RPLkCITGEIsr7t0e451QiU2h1OGUlTyYXYkpKpWRW5vV4pPP7wyZ/609Qpj9CmyhFMSPv/p7xiPE290FNQc812gvowIfwqayrpiFLqu+6aWybcpFvXSvTfVDh0bcUx4Eh+Iyc4tVNFPloCV4h8Chum4/sfBveW0RZc2FU62F74vOAB/p+Mnvq9Jj6CggKNQQEP5lUyFOyHd1YwmK9/+uUS7yZvsEfCSFxC45qJk6lnur1RSg==
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1446645808.1225033.1482087266385.ref@mail.yahoo.com>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

How we can protect themselves?
--------------------------------------------
On Sun, 12/18/16, Flipchan <flipchan@xxxxxxxxxx> wrote:

 Subject: Re: [tor-talk] Mirai Botnet Relocates To Onions
 To: tor-talk@xxxxxxxxxxxxxxxxxxxx
 Date: Sunday, December 18, 2016, 9:24 AM
 
 There is alot of botnets that run
 over Tor , there is alot of assholes. 
 
 But if You can identify THE malware You can pretty easy find
 the source code and then THE default cred to shut it down. 
 
 grarpamp <grarpamp@xxxxxxxxx>
 skrev: (18 december 2016 06:11:17 CET)
 >https://www.bleepingcomputer.com/news/security/security-firms-almost-brought-down-massive-mirai-botnet/
 >
 >"Following a failed takedown attempt, changes made to
 the Mirai
 >malware variant responsible for building one of today's
 biggest
 >botnets of IoT devices will make it incredibly harder
 for authorities
 >and security firms to shut it down," reports Bleeping
 Computer.
 >Level3 and others" have been very close to taking down
 one of the
 >biggest Mirai botnets around, the same one that
 attempted to knock the
 >Internet offline in Liberia, and also hijacked 900,000
 routers from
 >German ISP Deutsche Telekom.The botnet narrowly escaped
 due to the
 >fact that its maintainer, a hacker known as BestBuy, had
 implemented a
 >domain-generation algorithm to generate random domain
 names where he
 >hosted his servers.
 >Currently, to avoid further takedown attempts from
 similar security
 >firms, BestBuy has started moving the botnet's command
 and control
 >servers to Tor. "It's all good now. We don't need to pay
 thousands to
 >ISPs and hosting. All we need is one strong server," the
 hacker said.
 >"Try to shut down .onion 'domains' over Tor," he
 boasted, knowing that
 >nobody can.
 >-- 
 >tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
 >To unsubscribe or change other settings go to
 >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
 -- 
 Sincerly flipchan - LayerProx dev
 -- 
 tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
 To unsubscribe or change other settings go to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
 
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Prev by Author: Re: [tor-talk] [off-topic] linux firewall
Next by Author: Re: [tor-talk] Tor and iptables.
Previous by thread: Re: [tor-talk] Mirai Botnet Relocates To Onions
Next by thread: [tor-talk] NoScript problems after TBB 6.08 update
Index(es):
- Author
- Thread