Tor Network Used To Command Skynet Botnet 105
angry tapir writes "Security researchers have identified a botnet controlled by its creators over the Tor anonymity network. It's likely that other botnet operators will adopt this approach, according to the team from vulnerability assessment and penetration testing firm Rapid7. The botnet is called Skynet and can be used to launch DDoS (distributed denial-of-service) attacks, generate Bitcoins — a type of virtual currency — using the processing power of graphics cards installed in infected computers, download and execute arbitrary files or steal login credentials for websites, including online banking ones. However, what really makes this botnet stand out is that its command and control (C&C) servers are only accessible from within the Tor anonymity network using the Tor Hidden Service protocol."
This was expected... (Score:5, Insightful)
Governments will love this (Score:2, Insightful)
A perfect opportunity to continue their campaign on the evils of anonymity and tools that enable it.
FUD (Score:5, Insightful)
Next thing you know, they'll say the bad guys and terrorists use VPN to access the internet.
We need to push encryption to the masses. (Score:5, Insightful)
Citizen encryption has so tremendous potential that we can't allow goverments and criminals to be the only ones using it. We really need to start pushing encryption into the masses.
Re:This was expected... (Score:2, Insightful)
Or, is it some bullshit plot and propaganda cooked up by our asshat federal government to justify screwing the crap out of the creaTORs.
In this age of federal lies and manipulation by Repubmocrat swine , does not the wisdom " don't believe what you read in the media" take on that third dimension in bold print and multi colored neon?
In a perfect world the paperboy would only bring the funnies.
New law in 5...4...3...2...1 (Score:5, Insightful)
From the little I've read, it seems that they use a distributed host of volunteer servers to run the TOR network, so it might not be that easy to 'shut-down' the entire network (lack of centralized host) - If I'm wrong, I'd love to know why.
My concern is that they will make TOR access illegal. Clearly, we can't count on Google/Microsoft/Amazon/Apple/Facebook/Big-Biz to raise a finger - they prey off identifying and targeting customers. Privacy and anonymity must hurt their bottom line. So unlike SOPA/PIPA, I doubt that any major group will oppose a new law against this. And most people won't care - hell, if Wikipedia didn't have a blackout, I doubt SOPA would have got any news time on a 'major' news network at all.
Is there a way to detect TOR access uniquely? Or does the encryption make it look like any VPN/secure connection? I recollect reading about a method that could identify IP address accessing TOR (don't remember the details), I'm not sure if that hole was plugged (or if it can be plugged).
Re:Yeah, and? (Score:5, Insightful)
If, by "oppressive governments", you mean places like Saudi Arabia, Iran, or China, I don't think they're looking for excuses to shutdown Tor. They've always seen it as the enemy, and just make it illegal by fiat. They have zero need for excuses to shutdown Tor.
I was also including a certain world superpower with a penchant taking away the rights of their citizens because the terrorists want to take away their rights. This superpower's main diplomat in the middle east is a predator drone that rains hellstone and fire randomly on people who are terrorists only slightly more often than they're innocent civilians. This superpower also has a global and far-reaching spy network to track almost all wireless communications in realtime, worldwide, and has stated it's slowly building in an "internet kill switch" that could disable the entire internet, worldwide, mostly for shits and giggles.
But yeah, Iran, China, etc., they're kinda bad too...
Re:This was expected... (Score:5, Insightful)
Hell, I'm absolutely positive that this isn't [slashdot.org] the [slashdot.org] first [slashdot.org] time [slashdot.org] a criminal has ever used Tor to cover up crimes. So unless you actually think Silk Road was created by the government, pretty sure OP is right, and this is a problem that they brought upon themselves by removing people's privacy in the first place.
Re:This was expected... (Score:4, Insightful)
The asshat federal US government sponsored the creation of Tor [wikipedia.org]. Governments who want to crack down on the use of Tor are already doing so openly without resorting to the cloak and dagger tactics you seek to imagine.
But carry on. The disconnected phrasing of your post hints that observable reality does not significantly influence your thinking.
Re:Yeah, and? (Score:4, Insightful)
So the US Navy helped create TOR.
So what? DARPA helped develop the internet too, but that hasn't seemed to make a difference to many in the US government who have been working hard at crippling the free and open nature of the internet and the ability to communicate anonymously, and for many of the same reasons they would want TOR effectively de-fanged.
Those who who would make government and themselves our overlords will always take action to neutralize anything that can be used to oppose them, no mater how, what, where, why, or by whom it was developed...even if it was themselves. Just look at the history and development of modern firearms in the US from just prior to WW1 until now, and the ever-growing encroachments, conditions, and restrictions that have been placed upon the Second Amendment.
First you disarm them, then you take away the ability to communicate and organize anonymously.
And for all the people I see and hear cheering on the expansions of government, and then hear them bitch and moan whenever the government gets all jack-booty, it makes me think that maybe the colonists should have just paid the damned tea taxes and the stamp taxes, swore fealty to King George, and kept their damned mouths shut.
We've proven we don't give a shit about and don't deserve what they suffered and died and risked themselves and their families to give us.
Strat