On Sat, Dec 17, 2016 at 10:59:37PM -0700, Mirimir wrote: > > "Try to shut down .onion 'domains' over Tor," he boasted, knowing that > > nobody can. > > OK. However, it's not hard to scan for connections to Tor servers. And > you don't expect them for random devices. But maybe Mirai is setup to > use bridges.
Yuck. The 2013 botnet operator from Ukraine apparently stopped using Tor for controlling his bots (they were doing ad click fraud), because he attracted way more attention signing them all up to Tor than they had attracted before, and in the end he decided it wasn't worth it. For a while I've been trying to figure out how to share his lesson with other botnet operators around the world. The western journalists are alas super excited to talk about how amazing and brilliant and insightful the idea is to move your botnet over to Tor, and if some new botnet operator only reads those stories, they won't get an accurate impression. :( (Keep an eye on the user graph on the metrics page, because there's a good chance that this story is nonsense and the graph won't change at all.) --Roger -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
