I run 8 honeypots, and have for years. I've not seen this.
There maybe some specific targeted firms (i.e. av firms,
Microsoft, etc.) and some occasional honeypot
identifications made by honeypot-aware hackers, but its far
from mainstream.
Criminal hackers are stealing millions of dollars every
day...their current methods are working just fine. The idea
that they actually need an offensive strategy is almost
laughable. Computer crime is on an incredible rise this
year...and it isn't because they are taking down honeypots.
Article fodder for a gullible reporter. For heaven's
sake, the first article mentioned that some malware programs
are actually disabling antivirus mechanisms as if it was
news.
-----Original Message-----
From: David Jiménez Domínguez [mailto:djdsecurity gmail.com]
Sent: Wednesday, April 05, 2006 6:50 PM
To: honeypotssecurityfocus.com
Subject: Looking for Honeypots???
Hi list!!
Yesterday ZDnet issued a note [1] about cybercriminals
looking for antivirus firm's honeypots in order to launch
attacks against them, specially those for malware
collection. I've read some docs about the same topic [2][3]
some days ago...
Have yout ever seen something like that within your
honeynets?
I think one of the reasons of this actions is to stop the
botnet hunting and botnet hijacking, not to be aware if they
are being watched mainly...
What do you thing??
[1] http://ne
ws.zdnet.co.uk/internet/security/0,39020375,39261210,00.
htm
[2] http://www.it-observer.com/articles/1101/ho
neypots_how_seek_them_out/
[3] http://ryan1
918.org/viewtopic.php?t=1444
--
------------------
DJD
_
|