
Chickenosaurus | 5 years ago

It seems to me this bot could be disabled.

Every bot has a list of peers and their SSH credentials. This way, peers can reinfect machines that were restarted, thus allowing the bot to be volatile on the infected machine.

The article says the researchers can join the peer-to-peer network. The researchers should be able to get a list of all infected machines including SSH credentials. These credentials could be used to remove the backdoor SSH key, kill the bot & netcat processes and maybe change the SSH password on all infected machines at the same time.

Am I missing something?


net4all|5 years ago

That it is likely to be illegal in many (most?) countries.

Chickenosaurus|5 years ago

Yes, you are surely right. I was mostly wondering if the botnet is actually secure.