Tor Network Used To Command Skynet Botnet
angry tapir writes "Security researchers have identified a botnet controlled by its creators over the Tor anonymity network. It's likely that other botnet operators will adopt this approach, according to the team from vulnerability assessment and penetration testing firm Rapid7. The botnet is called Skynet and can be used to launch DDoS (distributed denial-of-service) attacks, generate Bitcoins — a type of virtual currency — using the processing power of graphics cards installed in infected computers, download and execute arbitrary files or steal login credentials for websites, including online banking ones. However, what really makes this botnet stand out is that its command and control (C&C) servers are only accessible from within the Tor anonymity network using the Tor Hidden Service protocol."
That's the cost of sane privacy controls -- sometimes it can be used for bad purposes. Society should be looking inwards at the cause of this. Spying on people, tracking their every movement, and abusing the legal systems of countries created a need (and a demand) for a type of security system that would protect you to the n-th degree. Now we've got a solution and it will be abused. What needs to happen is companies that make software need to invest in security and response. We're never going to stop the threat, but we can minimize the damage and downtime.
Why is this such a surprise? If anyone wants to hide a server/service behind the cloak of anonymity, then yes, a Tor hidden service is the way to do it. People do it for good reasons (e.g. journalists under threat of death for publishing accounts of gov't actions) and nefarious reasons (Silk Road comes to mind). Hell, even Yelp blocks access from Tor nodes b/c (they say) a large majority of bot traffic comes from the Tor network. Is this really the first time a botnet has used Tor, or is this the first time a botnet has been caught?
Next thing you know, they'll say the bad guys and terrorists use VPN to access the internet.
sysadmins and parents of newborns get the same amount of sleep.
Citizen encryption has such tremendous potential that we can't allow governments and criminals to be the only ones using it. We really need to start pushing encryption to the masses.
But... the future refused to change.
If, by "oppressive governments", you mean places like Saudi Arabia, Iran, or China, I don't think they're looking for excuses to shut down Tor. They've always seen it as the enemy, and just make it illegal by fiat. They have zero need for excuses to shut down Tor.
I was also including a certain world superpower with a penchant for taking away the rights of their citizens because the terrorists want to take away their rights. This superpower's main diplomat in the Middle East is a predator drone that rains hellstone and fire randomly on people who are terrorists only slightly more often than they're innocent civilians. This superpower also has a global and far-reaching spy network to track almost all wireless communications in realtime, worldwide, and has stated it's slowly building in an "internet kill switch" that could disable the entire internet, worldwide, mostly for shits and giggles.
But yeah, Iran, China, etc., they're kinda bad too...
#fuckbeta #iamslashdot #dicemustdie