|
|
|
|
|
|
by ffsm8
80 days ago
|
|
|
Isn't that already how it is? I mean the compromised machine registers itself on the command server and occasionally checks for workloads. The hacker then decides his next actions - depending on the machine they compromised they'll either try to spread (like this time) and make a broad attack or they may go more in-depth and try to exfiltrate data/spread internally if eg a build node has been compromised |
|
|