|
|
|
|
|
|
by wccrawford
5438 days ago
|
|
|
If you were designing something illegal and profitable, would you use a third party's site to control your system? Why would you give them the power to shut you down? It's not like it's hard... The messages follow a pattern. They have to be easy to find. |
|
|
C&C over a known service like Twitter, Facebook, etc. is not -- I'd be more likely to assume it's legitimate traffic and not investigate.
What's really surprising is that the bot authors didn't even make a naive attempt to disguise its purpose. Perhaps that shows that this C&C pattern works really well and is not often detected.