While trojans/worms that call home via
IRC or IM are nasty, they're easy to trace if you have a corporate firewall policy that blocks access to those services. However, code designed to communicate directly with other compromised systems within the same IP space or via ports that are normally open (think HTTP here) is coming in the near future. The first pointers to development of these capabilities is
here.
Blame RootShell for the link.
No comments:
Post a Comment