Hacker News
by kenbaylor 3014 days ago
Great question: Apologies if I wasn't being clear.

For example: the Chinese government has been waging war against the Free Tibet movement for years: https://www.google.com.sg/search?q=chinese+malware+free+tibe...

There's a bunch of articles there. One technique is they put up a pro-Free Tibet site, and put malware on it. The visitors get infected and they have an insight into who is interested in that topic and their IP addresses for basic geolocation, and maybe remote control of their machines.

If we pick a topic that's super interesting for government intelligence people (like the Guccifer blog site itself), and put some awesome non-detectable malware on there, you could potentially infect multiple intelligence officers from multiple countries.

When the bots phone home, they will report username, domain name, email addresses, visited URLs, security certificates (or basically anything you want). So you now have a rolodex of machines you can manipulate. Mossad did it...nope....North Korea....nope CIA...nope FBI etc etc

Now this is super hard to do in practice. But you only have to be lucky once.