Cybercrooks Increasingly Use Tor Network To Control Botnets

alphadogg writes "Malware writers are increasingly considering the Tor anonymity network as an option for hiding the real location of their command-and-control servers, according to researchers from security firm ESET. The researchers recently came across two botnet-type malware programs that use C&C servers operating as Tor 'hidden services.' The Tor Hidden Service protocol allows users to set up services — usually Web servers — that can only be accessed from within the Tor network through a random-looking hostname that ends in the .onion pseudo domain extension. The traffic between a Tor client and a Tor hidden service is encrypted and is randomly routed through a series of computers participating in the network and acting as relays."

Cool.

[magic+maverick+]

Of course, you shouldn't blame Tor for this. I'm sure Freenet could equally be used, but Tor is just easy. Instead, blame the OS manufactures, and the owners of the bot-ridden machines. Seriously. It's your fault if you don't know enough about your car that you ignore the oil light and it seizes up on a highway. And it's your fault if your machine is turned into a cog of part of a greater machine, bending to the whims of some "hacker".

Maybe it's time to bring back computers with the OS stored in ROM, so that is is reset to a clean state every time the computer is restarted.

Anonymity and you

[intermodal]

Anonymity is a powerful force. In both directions. The anonymous writings of the late 18th century were every bit as powerful as a masked bandit.

I, for one, do not consider the risk of Tor to be greater than the benefit.