Hacker News
by throw0101a 2439 days ago
There was a lot of low-hanging fruit given that most malware writers aren't going to set up all of this infrastructure for custom protocols.

And even when they did, creating various C&C servers, the lack of ESNI would allow for detecting activity once the daily domain creation algorithm was reverse-engineered:

* https://blog.malwarebytes.com/security-world/2016/12/explain...