Security

Pawn Storm Group Makes Trend Micro IP Address a C&C Server

An anonymous reader writes: Following Trend Micro's disclosure of Russian hacking group Pawn Storm's 7-year campaign against military-industrial targets in and related to the United States, the security company has today announced that one of the IP addresses it owns has been 'designated' by the hackers as a C&C server for their spear-phishing scenario. The intent of the DNS record redirection, according to the company, is likely to be to convince others that it has been hacked (which it hasn't), or else to push one of its IP addresses into administrative blacklists.
  • on YouTube as well
    • We have a popular YouTube video which suddenly started getting gibberish comments on it. I'm pretty sure someone's using the comments section as a C&C server.

  • "C&C"

    I always read that as "coffee and cats."

    Pawn Storm Group Makes Trend Micro IP Address a Coffee and Cats Server

    YMMV.

    --
    BMO

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      I read this as...

      Pawn Storm Group Makes Trend Micro IP Address a Command and Conquer [wikipedia.org] server.

      Cool, which game client do they support?

      • by Liinux ( 1051016 )

        The story just above this one is "Paralyzed Man Hits the Streets of NYC In a New Exoskeleton", now I have "Mechanical Man" stuck in my head.

  • by viperidaenz ( 2515578 ) on Wednesday July 15, 2015 @10:14PM (#50121969)

    I thought they were hosting a game server for a minute.

    Command and control isn't as exciting.

    • Everyone talks about how badly Command and Conquer 3 was balanced. In that game there are no financial decisions or tiberium farming strategies like C&C1. You build 95% medium tanks and so does your opponent, and win or lose. Next game? Build all medium tanks.

      But I'm curious about C&C1. I was really good at it with my people at my university, but I'd be curious to see how it holds up if it was laddered. It's probably imbalanced really badly, but it is hard to be more imbalanced than C&C3 wh
    • by antdude ( 79039 )

      Well, Command & Control is real life. :P

  • by BenJeremy ( 181303 ) on Wednesday July 15, 2015 @10:20PM (#50122011)

    So the Pawn Store is dealing with old RTS game servers?

    What?

    • Well that is what they get for replacing their IT guy with an H-1B

      and his buddy Marco Rubio wants to have a massive increase in the number of H-1B guest-worker

  • by qubezz ( 520511 ) on Wednesday July 15, 2015 @11:57PM (#50122487)

    Here's the narrative:

    - Trend Micro documented a 0-day Java exploit, leading to its patching http://blog.trendmicro.com/tre... [trendmicro.com]

    - The hacking org Operation Pawn Storm that was using the exploit got all pissy, and redirected a domain that computers infected with their malware contact, pointed it to an IP address in Trend Micro.

    The domain names contacted for command and control instructions are usually randomly encoded and encrypted, and rotate on a regular basis. The crackers know what the next domain name to be used is, but they are hard to deduce from the binary. Infected systems will likely move on to contacting the next domain/ip looking for remote control instructions in hours/days.
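The blacklist-poisoning risk described in the summary and in the comment above, shown from the defender's side as an added example (not part of the original thread or of Trend Micro's tooling): a blocklist pipeline that keeps blocking the C&C domain but holds back any resolved IP that falls inside a protected network. All domains, addresses, dates and network names are constructed; the IPs come from documentation ranges.

```python
import ipaddress

# Constructed allowlist: networks that must never be auto-blocked.
PROTECTED_NETS = {
    "security-vendor (constructed)": ipaddress.ip_network("203.0.113.0/24"),
    "own-infrastructure (constructed)": ipaddress.ip_network("198.51.100.0/25"),
}

# Constructed passive-DNS style observations: (c2_domain, resolved_ip, first_seen).
OBSERVATIONS = [
    ("c2-a.example", "192.0.2.10", "2015-07-01"),
    ("c2-a.example", "203.0.113.45", "2015-07-14"),  # record repointed by the operator
    ("c2-b.example", "192.0.2.77", "2015-07-10"),
    ("c2-c.example", "not-an-ip", "2015-07-12"),     # malformed feed entry
]

def triage(observations, protected_nets):
    """Return (domains_to_block, ips_to_block, review_items).

    The attacker controls the DNS record, so a resolved IP is only a hint.
    Domains are always blocked; IPs inside a protected network, or values
    that do not parse as an address, go to manual review instead.
    """
    domains, ips, review = set(), set(), []
    for domain, ip_text, first_seen in observations:
        domains.add(domain)
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            review.append((domain, ip_text, first_seen, "unparseable address"))
            continue
        owner = next((n for n, net in protected_nets.items() if ip in net), None)
        if owner is not None:
            review.append((domain, ip_text, first_seen, "inside protected network: " + owner))
        else:
            ips.add(str(ip))
    return sorted(domains), sorted(ips), review

if __name__ == "__main__":
    domains, ips, review = triage(OBSERVATIONS, PROTECTED_NETS)
    print("block domains:", domains)
    print("block IPs:", ips)
    for item in review:
        print("manual review:", item)
```
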

    • by gl4ss ( 559668 )

      microsoft security essentials has a more comprehensive detection library than trend micro and doesn't fuck up your hard disk access times.

      maybe pawn storm is trend micro. wouldn't surprise me.

      • by Anonymous Coward

        https://www.av-test.org/en/antivirus/home-windows/

        Sort by protection. Behold.

        Are you sure about that? I'm a hardcore MSE user and I'm getting worried, unfortunately everything I've tried amounts to being overcomplicated. Avira was good, but it blocked all file I/O for 20 seconds on boot. Everything else either has a download.com or cnet.com download link and tries to install toolbars and other shit, or is non free.

        Also like to add that on most of the virustotal samples I look through that get posted by vari

        • by wbr1 ( 2538558 )
          Bitdefender Free FTW. Light, high catch rate. MSSE lets too much through now.
    • Thank you for a thankless task. However, I think of pedantic /. summary authors as liking to trolls: the only way to combat them is to ignore them, so that they learn that if they make deciphering their stories a chore, no one will bother to try.
  • by Anonymous Coward

    Why wouldn't they also add Kaspersky, McAfee, Norton, AVG, Avira, etc to their next batch.

    Fuck, why not add 74.125.21.* and 207.46.163.* to their C&C list. I wonder if the Google Air Force, or Microsoft have any atomic bombs to drop on Spamhaus?
