|
|
|
|
|
|
by derefr
4667 days ago
|
|
|
> Typically, it is fairly clear what the purpose of malware is, such as banking, clickfraud, ransomware or fake anti-virus malware. In this case however it is a bit more difficult. I think the article answers its own question the paragraph previous: > While some bots continue to operate using the standard HTTP connectivity, some versions of the malware use a peer-to-peer network to communicate (KAD based). Tor and Kademlia are both rather complex systems. To use one or the other, but not both, in different versions of your botnet, would suggest to me that this is a botnet creator split-testing the effectiveness and scalability of different command-and-control technologies. |
|
|