Shodan is updated with a new feature which can find the malware command and control servers.

Shodan’s New Tool Can Find Malware Command and Control Servers

Monday, May 08, 2017 Sensei Fedon 0 Comments


Shodan is updated with a new feature which can find the malware command and control servers.


This search engine for the open portals and databases are a great help ever since it was introduced. However, now it is making it much easier for everyone to find out the servers which control the botnets, which is generally expected to result in a law enforcement cracking down on them.
This new search engine is introduced earlier this week and it can be used to find out the servers which control the malware that generally plagues our computers.
The Security firm “Recorded Future” helped create this new tool that searches the Internet for command and control servers of remote access trojans (RATs). These are often found infecting computers with malware which allows these attackers to record from device’s webcam, microphone, and even the keystrokes. Finding the command and control centres can be hard since they can be anywhere in the world and law enforcement has been having a hard time with this. Now, with Shodan, things just got a lot easier.
In order to succeed, Shodan’s crawler pretends to be an infected client reporting back to the C2 server. In order to figure out which server is controlling malware, the crawler pings every IP address on the Internet. If it gets a working response, it knows that’s the server it needs.
Thus far, Shodan has found over 3,000 command and control servers operating 10 different kinds of trojans.
People who want to play around with Shodan’s Malware Hunter can do so, but they might encounter some security software alerts as they do so.
A free Shodan account is needed to view the results.

0 comments: