Nytro Posted May 17, 2013 Report Posted May 17, 2013 Tor Based Botnets Description: In this video Suriya Prakash shows us a demo on the TOR Based botnet. It is all about POC of TOR botnet. You will learn how to configure and run the TOR based botnet.Blog :- Tor Based Botnets @Defcon Bangalore (DC9180) | Suriya's BlogSecurity researchers have uncovered a new breed of botnets which rely on the functionality offered by the Tor (The Onion Router) anonymity network. A few days ago, at the DefCon Bangalore security conference – 17-year-old researcher Suriya Prakash presented his findings on how botnets are starting to rely more and more on Tor to hide their traces. “They work like all other botnets, but are hidden behind the TOR network and run as a hidden service with .onion domains (many sites like WikiLeaks have mirror sites in the TOR network, or search engines like duckduckgo, and many other illegal sites that cannot exist in the public internet),” Suriya told Softpedia. “You can set it up just like a normal web server but bind it to the port from which TOR hidden service is running and hence your botnet will run behind the TOR network and it will not be possible to trace the C&C server,” he added. “The bots themselves should have an instance of TOR (because only computers in the TOR network can communicate with hidden services servers) and will communicate over the TOR network to send data and receive commands from the server.” The expert highlighted the fact that such botnets could not be disrupted such as the classic ones by revoking domains, banning IP addresses or by requesting the host to take down the website.News Source : - Researchers Find Botnet C&C Servers Hidden in Tor Anonymity Network Sursa: Tor Based Botnets Quote
