- 15 Дек 2017
- 0.00034 BTC
Source includes both PANEL, and APK Builder.
Botnet creators have tried to use many tactics to hide their presence, their traffic and location management server (CnC).
To this end, we have seen the development of things like algorithms generate DGA or Domain Generation, which dynamically creates new CnC-addresses that are pre-created by the owner of botnets to frequently move their traffic to avoid detection / blocking.
We also saw the use of TOR, an anonymous "sub-web" used to accommodate CnC servers with a small probability that the owner of the server will be found.
Although most of these improvements in botnet technology has been made specifically for desktop computers, we see a huge boost to the use of the same tactics on mobile platforms such as Android.
Today article published Roman Unuchekom from Kaspersky, described the opening of the first «TOR Trojan for Android» and how cyber criminals have the source code for Orbot network client for Android and modified it with the help of malicious functions, such as What Botha would be. These features include: