Thursday, January 10, 2008

Fast Flux

Thinking fast flux - New bait for advanced phishing tactics

Years ago, attackers would often have one or two really important machines that were the centerpiece of their criminal money-making schemes. The bad guys, thus, often faced one or more single points of failure in their criminal infrastructures. A phisher's imposter Web site could be taken out. A spammer's mail server could be added to a blacklist. And for bot-herders, an IRC server, historically used by many botnets to distribute commands to all of the bot-infected hosts, could be shut down.

So, how have today's enterprising bot-herders, making millions of dollars from their criminal empires, responded to the single points of failure? Two words: fast flux.
Since the summer of 2007, there has been an explosion of large-scale fast-flux botnets. With this technique, bad guys can leverage thousands of disposable drone machines as intermediaries, rapidly swapping among different systems, confounding investigators who try to trace back a constantly fluctuating set of targets.

Full Article Can Be Read Here.

No comments: