Bots Still Trying To Reach Cyberbunker 2.0 Addresses 9 Months After Raid

Bots Still Trying To Reach Cyberbunker 2.0 Addresses 9 Months After Raid (sans.edu) 13

Posted by EditorDavid on Saturday June 27, 2020 @12:34PM from the beyond-the-bunker dept.

Long-time Slashdot reader UnderAttack writes: In September last year, German police raided what was known as "Cyberbunker 2.0", a former cold war nuclear bunker turned into a "bulletproof" hosting facility. A student of the internet security-training company SANS Technology Institute analyzed traffic reaching out for the former Cyberbunker's IP address space.

Over two weeks, thousands of bots called "home" still looking for a command and control server. They also observed a number of phishing sites, as well as an odd ad network still directing users to the Cyberbunker's IPs. You can find the summary here.

Bots Still Trying To Reach Cyberbunker 2.0 Addresses 9 Months After Raid

This discussion has been archived. No new comments can be posted.

Load All Comments

Search 13 Comments Log In/Create an Account

Comments Filter:

This is no surprise at all (Score:4, Interesting)

by Way Smarter Than You ( 6157664 ) writes: on Saturday June 27, 2020 @01:11PM (#60234968)

The command n control center going offline has nothing at all to do with how people maintain their computers.

Grandma got her computer infected. It calls home. Home goes away due to raid. It still tries to call home. No one told grandma to clean up her computer. She doesn't even know anything bad is on it. How could she?

We can't expect the average user to have any idea how their computers work and they shouldn't have to know. These are sold as consumer electronics. I don't know how my toaster oven works. If it had a toaster oven virus I wouldn't know anything about it. Although fortunately my toaster oven doesn't have an IP yet but the next one probably will without an option to disable. It'll need to call the manufacturer to check my toaster oven subscription status before I re-heat my pizza.

- - Re: (Score:2)
    
    by jmccue ( 834797 ) writes:
    
    And I have had no points in a while, otherwise you would have got a +1. But sometimes (often) the first set of posts gets modded but as time goes, it usually reaches where it should be. But maybe cyberbunker bots :)
  - - - Re: This is no surprise at all (Score:1)
        
        by Way Smarter Than You ( 6157664 ) writes:
        
        There I go again, hurting someone's tender feelings.
- Toasters... (Score:2)
  
  by antdude ( 79039 ) writes:
  
  Frakkin Cylons! :P
No shit (Score:3)

by darkain ( 749283 ) writes: on Saturday June 27, 2020 @03:13PM (#60235370) Homepage

File this under the "no shit" category. There are only ~4bil IPv4 addresses possible. EVERY... SINGLE... ONE... of them is being probed 24/7 at this point. Just open up a device with a visible firewall log on any public IP address, and watch the craziness go!

Are you truly clueless? (Score:2)

by BAReFO0t ( 6240524 ) writes:

Why would some fire and forget malware in some clueless user's system suddenly "realize" the server is gone, and "decide" to stop trying?
Did you drink too much cyber-AI Kool-Aid and now think aLgOrYtHmS are people?
Don't write about software, if you never wrote any, please.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Bots Still Trying To Reach Cyberbunker 2.0 Addresses 9 Months After Raid (sans.edu) 13

Bots Still Trying To Reach Cyberbunker 2.0 Addresses 9 Months After Raid More Login

Bots Still Trying To Reach Cyberbunker 2.0 Addresses 9 Months After Raid

This is no surprise at all (Score:4, Interesting)

Re: (Score:2)

Re: This is no surprise at all (Score:1)

Toasters... (Score:2)

No shit (Score:3)

Are you truly clueless? (Score:2)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot