The bitcoin blockchain is helping keep a botnet from being taken down

by
Dan Goodin
from Ars Technica - All content on (#5EHRR)
botnet6-800x450.jpg

Enlarge (credit: Aurich Lawson / Ars Technica)

When hackers corral infected computers into a botnet, they take special care to ensure they don't lose control of the server that sends commands and updates to the compromised devices. The precautions are designed to thwart security defenders who routinely dismantle botnets by taking over the command-and-control server that administers them in a process known as sinkholing.

Recently, a botnet that researchers have been following for about two years began using a new way to prevent command-and-control server takedowns: by camouflaging one of its IP addresses in the bitcoin blockchain.

Impossible to block, censor, or take down

When things are working normally, infected machines will report to the hardwired control server to receive instructions and malware updates. In the event that server gets sinkholed, however, the botnet will find the IP address for the backup server encoded in the bitcoin blockchain, a decentralized ledger that tracks all transactions made using the digital currency.

Read 21 remaining paragraphs | Comments

index?i=xztg9lhWfQs:Utq1QEBOY2s:V_sGLiPB index?i=xztg9lhWfQs:Utq1QEBOY2s:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments