
Wed May 23, 2018, 06:50 PM

Exclusive: FBI Seizes Control of Russian Botnet

The FBI operation targets a piece of sophisticated malware linked to the same Russian hacking group that hit the Democratic National Committee in 2016.


https://www.thedailybeast.com/exclusive-fbi-seizes-control-of-russian-botnet?source=twitter&via=desktop

Replies to this discussion thread
Exclusive: FBI Seizes Control of Russian Botnet (Original post)
blondebanshee May 2018 OP
rzemanfl May 2018 #1
kimbutgar May 2018 #2
iluvtennis May 2018 #6
Wwcd May 2018 #3
bucolic_frolic May 2018 #4
jberryhill May 2018 #5
Qutzupalotl May 2018 #7
saidsimplesimon May 2018 #8
Duppers May 2018 #9
Maraya1969 May 2018 #10

Response to blondebanshee (Original post)

Wed May 23, 2018, 06:55 PM

1. Watch Drumpf defund this. n/t



Response to blondebanshee (Original post)

Wed May 23, 2018, 07:00 PM

2. I wonder if the server was in the twitler building?



Response to kimbutgar (Reply #2)

Wed May 23, 2018, 07:37 PM

6. Exactly....LOL



Response to blondebanshee (Original post)

Wed May 23, 2018, 07:07 PM

3. GEEZ, Read this shite!

 

Kudos to FBI agents in Pittsburgh, Federal Magistrate Judge Lenihan, and all involved in bringing this to the surface.


SNIP
“In addition, the victim allowed the FBI to utilize a network tap on her home network that allowed the FBI to observe the network traffic leaving the home router.”


That allowed the bureau to identify a key weakness in the malware.
* If a victim reboots an infected router, the malicious plugins all disappear, and only the core malware code survives.
* That code is programmed to connect over the Internet to a command-and-control infrastructure set up by the hackers.
* First it checks for particular images hosted on Photobucket.com that held hidden information in the metadata.
* If it can’t find those images—which have indeed been removed from Photobucket—it turns to an emergency backup control point at the hard-coded web address ToKnowAll[.]com.

“One plug-in lets the hackers eavesdrop on the victim’s Internet traffic;
another targets a protocol used in the electric grid. A third lets the attacker cripple any or all of the infected devices at will.”


On Tuesday, FBI agents in Pittsburgh asked federal Magistrate Judge Lisa Pupo Lenihan in Pittsburgh for an order directing the domain registration firm Verisign to hand the ToKnowAll[.]com address over to the FBI, in order to “further the investigation, disrupt the ongoing criminal activity involving the establishment and use of the botnet, and assist in the remediation efforts,” according to court records. Lenihan agreed,

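The lookup order quoted in reply #3 (Photobucket first, then the ToKnowAll[.]com fallback) can be checked against a resolver's query log to find devices that made the fallback lookup. This is an added example, not part of the original post or the quoted article; the log format, the addresses and the 60-second window are assumptions.

```python
# Constructed DNS query log: "<epoch seconds> <client IP> <queried name>".
# The format and every address below are assumptions made for this example.
SAMPLE_LOG = """\
1527100000 192.168.1.1 photobucket.com
1527100004 192.168.1.1 ToKnowAll.com.
1527100010 192.168.1.23 www.photobucket.com
1527100300 192.168.1.40 api.toknowall[.]com
1527100400 192.168.1.23 nottoknowall.com
malformed line
"""

FALLBACK_DOMAIN = "toknowall.com"     # backup control point named in the article
FIRST_STAGE_HOST = "photobucket.com"  # image host the core code checks first
WINDOW_SECONDS = 60                   # assumed gap between the two lookups


def normalize(name):
    """Lower-case, refang '[.]' and drop the trailing root dot."""
    return name.lower().replace("[.]", ".").rstrip(".")


def in_domain(name, domain):
    """True for the domain itself or a subdomain, not for look-alikes."""
    return name == domain or name.endswith("." + domain)


def find_fallback_lookups(log_text):
    """Return {client: {"first_seen": ts, "after_photobucket": bool}}."""
    last_photobucket = {}
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # skip lines that do not match the assumed format
        ts, client, name = int(parts[0]), parts[1], normalize(parts[2])
        if in_domain(name, FIRST_STAGE_HOST):
            last_photobucket[client] = ts
        elif in_domain(name, FALLBACK_DOMAIN) and client not in hits:
            seen = last_photobucket.get(client)
            hits[client] = {
                "first_seen": ts,
                "after_photobucket": seen is not None
                and ts - seen <= WINDOW_SECONDS,
            }
    return hits


if __name__ == "__main__":
    for client, info in find_fallback_lookups(SAMPLE_LOG).items():
        print(client, info)
```

A Photobucket lookup on its own is ordinary traffic, so only the fallback lookup is reported; the `after_photobucket` flag marks clients whose lookups followed the order the article describes.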


Response to blondebanshee (Original post)

Wed May 23, 2018, 07:26 PM

4. I recall reading a good 15 years ago

that all this spam that tried to get you to open and read and click was capable of implanting bits of code on your computer that could later be drawn together for unclear purposes. So someone's known about this for quite a while.



Response to blondebanshee (Original post)

Wed May 23, 2018, 07:33 PM

5. There are hundreds of control domain names

 



Response to blondebanshee (Original post)

Wed May 23, 2018, 08:03 PM

7. This is a significant advance.

One of the things that has been slowing down the Russia investigation is the threat of retaliation through these means. Now that pressure’s been taken off.



Response to blondebanshee (Original post)

Wed May 23, 2018, 08:26 PM

8. It is Time for action against

putin's puppets.



Response to blondebanshee (Original post)

Wed May 23, 2018, 08:41 PM

9. Fortune last yr: "U.S. Takes Down Russian Botnet...

"U.S. Takes Down Russian Botnet Believed to Be Used in Election Hacking After Suspect Arrested in Spain"

April 10, 2017
http://fortune.com/2017/04/10/us-russian-kelihos-botnet/

I'm losing hope that ANYTHING we do will matter. We badly need different tactics.

Dialogue from Mississippi Burning:

"Anderson: These people are crawling out of the SEWER, MR. WARD! Maybe the gutter's where we oughta be!"





Response to blondebanshee (Original post)

Thu May 24, 2018, 12:21 PM

10. This is the best news I've heard in a long time

Our nation was attacked by Russia. Now, we are fighting back. It feels like a relief.
