Tor Network Used To Command Skynet Botnet

angry tapir writes "Security researchers have identified a botnet controlled by its creators over the Tor anonymity network. It's likely that other botnet operators will adopt this approach, according to the team from vulnerability assessment and penetration testing firm Rapid7. The botnet is called Skynet and can be used to launch DDoS (distributed denial-of-service) attacks, generate Bitcoins — a type of virtual currency — using the processing power of graphics cards installed in infected computers, download and execute arbitrary files or steal login credentials for websites, including online banking ones. However, what really makes this botnet stand out is that its command and control (C&C) servers are only accessible from within the Tor anonymity network using the Tor Hidden Service protocol."

This was expected...

[mlw4428]

That's the cost of sane privacy controls -- sometimes it can be used for bad purposes. Society should be looking inwards at the cause of this. Spying on people, tracking their every movement, and abusing the legal systems of countries created a need (and a demand) for a type of security system that would protect you to the n-th degree. Now we've got a solution and it will be abused. What needs to happen is companies that make software need to invest into security and response. We're never going to stop the threat, but we can minimize the damage and downtime.

Re:This was expected...

[flyneye]

Or, is it some bullshit plot and propaganda cooked up by our asshat federal government to justify screwing the crap out of the creaTORs.
In this age of federal lies and manipulation by Repubmocrat swine , does not the wisdom " don't believe what you read in the media" take on that third dimension in bold print and multi colored neon?
In a perfect world the paperboy would only bring the funnies.

Re:This was expected...

[dririan]

The person you replied to with your tin foil hat spiel actually made a pretty decent point. Even if this is somehow some "bullshit plot and propaganda" (why would they wait until now to do this, by the way?), people creating tools to give themselves privacy because they don't have it otherwise because of "[s]pying on people, tracking their every movement, and abusing the legal systems of countries created a need (and a demand) for a type of security system that would protect you to the n-th degree" (quoting OP, not you) has inadvertently given criminals the same amount of privacy to do nasty things (such as hosting C&C for a botnet), and also that this would have been avoided by giving people privacy and treating them like humans. If this actually is some "bullshit plot and propaganda", there is absolutely nothing stopping it from becoming real.

Hell, I'm absolutely positive that this isn't the first time a criminal has ever used Tor to cover up crimes. So unless you actually think Silk Road was created by the government, pretty sure OP is right, and this is a problem that they brought upon themselves by removing people's privacy in the first place.

Re:This was expected...

[Arancaytar]

The asshat federal US government sponsored the creation of Tor. Governments who want to crack down on the use of Tor are already doing so openly without resorting to the cloak and dagger tactics you seek to imagine.

But carry on. The disconnected phrasing of your post hints that observable reality does not significantly influence your thinking.

Governments will love this

A perfect opportunity to continue their campaign on the evils of anonymity and tools that enable it.

FUD

[cultiv8]

Why is this such a surprise? If anyone wants to hide a server/service behind the cloak of anonymity, then yes, a tor hidden service is the way to do it. People do it for good reasons (eg. journalists under threat of death for publishing accounts of gov't actions) and nefarious reasons (silk road comes to mind). Hell, even Yelp blocks access from tor nodes b/c (they say) a large majority of bot traffic comes from the tor network. Is this really the first time a botnet has used tor, or is this the first time a botnet has been caught?

Next thing you know, they'll say the bad guys and terrorists use VPN to access the internet.

We need to push encryption to the masses.

[Requiem18th]

Citizen encryption has so tremendous potential that we can't allow goverments and criminals to be the only ones using it. We really need to start pushing encryption into the masses.

New law in 5...4...3...2...1

[Kwyj1b0]

From the little I've read, it seems that they use a distributed host of volunteer servers to run the TOR network, so it might not be that easy to 'shut-down' the entire network (lack of centralized host) - If I'm wrong, I'd love to know why.

My concern is that they will make TOR access illegal. Clearly, we can't count on Google/Microsoft/Amazon/Apple/Facebook/Big-Biz to raise a finger - they prey off identifying and targeting customers. Privacy and anonymity must hurt their bottom line. So unlike SOPA/PIPA, I doubt that any major group will oppose a new law against this. And most people won't care - hell, if Wikipedia didn't have a blackout, I doubt SOPA would have got any news time on a 'major' news network at all.

Is there a way to detect TOR access uniquely? Or does the encryption make it look like any VPN/secure connection? I recollect reading about a method that could identify IP address accessing TOR (don't remember the details), I'm not sure if that hole was plugged (or if it can be plugged).

Re:Yeah, and?

[girlintraining]

If, by "oppressive governments", you mean places like Saudi Arabia, Iran, or China, I don't think they're looking for excuses to shutdown Tor. They've always seen it as the enemy, and just make it illegal by fiat. They have zero need for excuses to shutdown Tor.

I was also including a certain world superpower with a penchant taking away the rights of their citizens because the terrorists want to take away their rights. This superpower's main diplomat in the middle east is a predator drone that rains hellstone and fire randomly on people who are terrorists only slightly more often than they're innocent civilians. This superpower also has a global and far-reaching spy network to track almost all wireless communications in realtime, worldwide, and has stated it's slowly building in an "internet kill switch" that could disable the entire internet, worldwide, mostly for shits and giggles.

But yeah, Iran, China, etc., they're kinda bad too...

Re:Yeah, and?

[BlueStrat]

I was also including a certain world superpower

The one who developed TOR in the first place? Ya I figured you would, it wouldn't be a proper antidisestablishmentarism rant without them.

So the US Navy helped create TOR.

So what? DARPA helped develop the internet too, but that hasn't seemed to make a difference to many in the US government who have been working hard at crippling the free and open nature of the internet and the ability to communicate anonymously, and for many of the same reasons they would want TOR effectively de-fanged.

Those who who would make government and themselves our overlords will always take action to neutralize anything that can be used to oppose them, no mater how, what, where, why, or by whom it was developed...even if it was themselves. Just look at the history and development of modern firearms in the US from just prior to WW1 until now, and the ever-growing encroachments, conditions, and restrictions that have been placed upon the Second Amendment.

First you disarm them, then you take away the ability to communicate and organize anonymously.

And for all the people I see and hear cheering on the expansions of government, and then hear them bitch and moan whenever the government gets all jack-booty, it makes me think that maybe the colonists should have just paid the damned tea taxes and the stamp taxes, swore fealty to King George, and kept their damned mouths shut.

We've proven we don't give a shit about and don't deserve what they suffered and died and risked themselves and their families to give us.

Strat