Slashdot: News for Nerds

Attackers Setup Botnet C&C Servers in Enterprise Walls

wiredmikey (1824622) writes | more than 2 years ago

wiredmikey (1824622) writes "Skilled attackers are burrowing their command and control (C&C) servers inside the networks of compromised businesses in order to circumvent security measures, according to a security expert familiar with the innovative new attack method. The advantage is that none of that C&C traffic is passing through perimeter firewalls or intrusion detection systems — so it is very unlikely to be detected. While the attacker still needs to send that single communication per day with any stolen data / issuing new commands, this is trickier to detect.

In many cases, the compromised servers being used for C&C were compromised in previous attacks and hackers were able to maintain access.

Also interesting is that attackers conducting these types of attacks have been seen applying software patches to the compromised systems in an effort to ensure other attackers are kept out.

The new attack tactic adds two more steps to forensic investigation, as now investigators must conduct a penetration test from inside out in order to identify the service wherein a syscall proxy has been embedded in the memory space."
