Cybercriminals Building New, Stealthier Networks
ancientribe writes "Cybercriminals are adopting a new method of hiding and sustaining their malicious Websites and botnet infrastructures so they'll be harder to detect, called "fast-flux," according to an article in Dark Reading. Criminal organizations behind two infamous malware families — Warezov/Stration and Storm — in the past few months have separately moved their infrastructures to so-called fast-flux service networks. The article says bad guys like fast-flux not only because it keeps them up and running, but also because it's more efficient than traditional methods of infecting victims' machines." I'm not exactly sure why this is new/different than the more well known open relay proxy networks.
Know Your Enemy paper on Fast Flux just out (Score:5, Informative)
Re:What's special about port 80? (Score:2, Informative)
There are a number of small (and I mean tiny - think 100 clients max) ISPs around my city alone, whose networking expertise is close to nil. They go with default settings of the equipment they get. So even if they put up a firewall of sorts to protect their clients, it is left at default settings.
The fact is there are not only tons of users out there without a clue, but a nice bunch of ISPs as well and sloppy network admins, sometimes even of large organizations.
Re:What's special about port 80? (Score:5, Informative)
Re:The word is "hacker". (Score:3, Informative)
Checking http://en.wikipedia.org/wiki/Hacker_definition_co
I hope whoever modded your pitifully binary views on the meaning of language terms as Insightful gets his due via meta-moderation... It is true that the new meaning of this term seems to be the more used one now; in what way does that make the old meaning obsolete, or the more exact and unambiguous term "cybercriminal" superfluous or undesirable?
Fast-flux networks aren't proxies (Score:4, Informative)