Month: September 2022

SCALABLE SWARMS. “I have written several times about the next step in the evolution of botnets being a scalable architecture based on integrated and autonomous swarm intelligence. Swarm-based attacks can significantly decrease the time needed to breach a system by leveraging things like stigmergy, which is a consensus-based social network mechanism of indirect coordination between agents.” https://lnkd.in/dBM3R6W View in LinkedIn

SWARM INTELLIGENCE. “Swarm-based insect colonies such as ants and bees use this process to manage the collection and distribution of resources and workloads. Likewise, artificial swarms can quickly share collected intelligence, accelerate trial and error, and then apply specific attacks to a vulnerability by leveraging those specialized members of the swarm armed with specific exploits.” https://lnkd.in/dBM3R6W View in LinkedIn

MALWARE ADVANTAGE. “Not only will this emerging development accelerate the time required to breach a system, but the sheer volume that can be applied by a swarm-based botnet targeting multiple devices and exploits simultaneously can quickly overwhelm traditional defense systems.” https://lnkd.in/dBM3R6W View in LinkedIn

BOTNET SWARMS. “The Hide ‘N Seek IoT botnet, first detected this past spring, has moved the bar significantly closer to enabling a botnet to function as a swarm. It communicates in a complex and decentralized manner using custom-built peer-to-peer communication to implement a variety of malicious routines. It also leverages multiple anti-tampering techniques to prevent a third party from hijacking or poisoning it, and it is also the first IoT botnet malware strain that can survive device reboots and still remain on compromised devices.” https://lnkd.in/dBM3R6W View in LinkedIn

“WICKED, another Mirai-based botnet variant, recently added at least three new exploits to its toolkit, enabling it to target unpatched IoT devices better.” https://lnkd.in/dBM3R6W View in LinkedIn

MORE EXAMPLES. “And VPNFilter, the advanced nation-state-sponsored attack, is also able to target SCADA/ICS environments. VPNFilter represents a significant new threat because it not only performs data exfiltration but can also render devices, including industrial control systems, completely inoperable. It can shut off compromised devices individually, or shut them all off simultaneously using a centralized trigger.” https://lnkd.in/dBM3R6W View in LinkedIn

SWARM EMERGENCE. “Tools like AutoSploit are another critical building block in enabling people to build the new generation of swarm networks.” https://lnkd.in/dBM3R6W View in LinkedIn

BLOCKCHAIN BOTS. “Bitcoin taught us it was possible to build systems that are deployed between multiple entities to conduct transactions without compromising the privacy of individual participants. This ability makes Blockchain a desirable candidate for creating anonymous C2 systems. Until recently, however, this was just a theory. But now, security researcher Omer Zohar has successfully used blockchain technology to create a takedown-resistant, command-and-control infrastructure for botnets built on top of the Ethereum network.” https://lnkd.in/dBM3R6W View in LinkedIn

LEADERLESS SWARM. “The goal of this work is to use some of evolutionary algorithms, more precisely swarm intelligence algorithms, and make a malware upon them. It follows an idea that the malware is going to have a decentralized behaviour. There will be no master to operate all virus instances but each one of them will act on its own.” A very interesting thesis. https://lnkd.in/dv5x_qY View in LinkedIn

LACKING LOOPS. “They will utilise an intelligence originating from crowd stored as a complex network. The network will have certain structure reflecting this intelligence and will help virus instances to visit interesting files in a file system. Basic file system is a tree-based structure. That means no loops. This structure is not very feasible for a swarm dynamics so it will be mapped into the network.” https://lnkd.in/dv5x_qY View in LinkedIn