Attackers Adjusting Tactics to Evade Reputation Systems

One of the consequences of the exhaustion of the IPV4 address space is that not only are legitimate companies having a hard time finding IP blocks to use, so are the attackers. The number of IP addresses required for large scale botnets to operate effectively can be considerable, and finding large IP blocks to use for them can be difficult. And if they do find them, the IP addresses often are blacklisted quickly by reputation systems and are then useless for the attackers.

Now, in one effort to get around these systems, some attackers are taking advantage of the lack of IPV4 space by either purchasing or renting blocks of IP space with good reputations that have been built up over the course of several years. A number of legitimate trading and auction sites have appeared as the IPV4 space became scarcer, and the attackers have gotten involved as well, getting their hands on known good IP blocks and using them for C&C or hosting malware — via redwolf.newsvine.com

Share this Story
Load More Related Articles
Load More In Technology

Leave a Reply

Your email address will not be published. Required fields are marked *

Photos from Flickr