The Kraken botnet, believed by many to be the single biggest zombie network until it was dismantled last year, is staging a comeback that has claimed almost 320,000 PCs, a security researcher said. Since April, this son-of-Kraken botnet has infected an estimated 318,058 machines - about half as big as the original Kraken was at …
this is a title
So one group hires the services of another to do what they're good at. And ``researchers'' are scratching their heads over that audacious, outrageous bit of sheer commercial logic. Huh.
Also, ``subdomain'' is the proper term. HTH, HAND.
All because the average user has no idea what they are doing.....
Sorry its not good enough to cry that tech should be available to all.
If you dont have the faintest idea, you shouldnt be allowed to surf.
We don't let drivers without a licence on our roads!
"We don't let drivers without a licence on our roads!"
but stupid irresponsible people still get cars.
so what does a licence prove?
only that you can drive safely at least once in your life.
... commentards shouldn't be allowed to post on El Reg's forums if they don't have the faintest idea of what they're talking about either!
they'll be wet ashes then.
Oh no, they've discovered subdomains!
Domain owners are responsible for their subdomains.
A solution will be found when registrars threaten to kill off the whole of dyndns.org/no-ip.com etc.
dynamic DNS services
so if the Dyn dns services all start playing ball they can come down faster than using the registra? presumably they have offence reporting proceedures.
Are you saying
that I could register anonymous.coward.microsoft.com via dynamic dns? Why the F*** would that be allowed?
RE: Are you saying
Not that I'm aware of. If you take a gander at places like afraid.org (who offers free DNS hosting) you'll see there are many publicly available domains with which to create a subdomain with. I have had some run-ins with botnets that relied on IRC command channels using domains from that site. One variant used the subdomain "icp.chickenkiller.com" which has since been directed to 127.0.0.1 for obvious reasons. Another instance used the subdomain "irc.mouse-hole.com" which is still pointed to 184.108.40.206, an old (prior to them being raided) FOONet IP address.
That being said, it looks like at least one dynamic DNS hosting site is trying to do something to combat bot herders using their services.
- Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
- Analysis Oh no, Joe: WinPhone users already griping over 8.1 mega-update
- AMD demos 'Berlin' Opteron, world's first heterogeneous system architecture server chip
- Leaked pics show EMBIGGENED iPhone 6 screen
- OK, we get the message, Microsoft: Windows Defender splats 1000s of WinXP, Server 2k3 PCs