MIT Technology Review

 


The attackers also made innovative use of Yahoo’s e-mail application programming interface, Villeneuve said. Their malware instructed infected computers to connect to the attackers’ Yahoo mail accounts through this interface, then report each machine’s name, operating system, and IP address. The attackers also used this connection to install additional malware on the computer and to issue commands. Villeneuve said that this system served mainly as a backup for the attackers, in case the Web-based infrastructure was disabled.

Brett Stone-Gross, a researcher at the University of California, Santa Barbara, who studies botnets, says the report shows a shift in strategy for controlling botnets. Not only does it make it harder for administrators to see that traffic is going to the botnet, he says, but it also makes it harder for them to stop it. Administrators generally can’t blacklist a site such as Twitter or Google Groups without causing too much pain to legitimate users, he points out. Stone-Gross compares the practice to spammers’ use of legitimate Gmail, Yahoo, and Hotmail accounts, which have so much legitimate activity that organizations can’t block the domains to filter out malicious e-mail.

Deibert added at the press conference that, while the research suggests that the hackers behind the attacks are based in China, there isn’t hard evidence that the Chinese government was involved. “We’re eager to work with those parts of the Chinese government that want to solve this,” he said, adding that they’ve been cooperating with China’s Computer Emergency Readiness Team (CERT).

However, Deibert criticized the governments hoping to engage in cyber espionage and warfare. “There is a very real arms race in cyberspace, of which this report is but one small example,” he said. The researchers expect that some of the information stolen by the botnet will make it to the Chinese government through some channel, even if the government did not order the attacks.


Tagged: Computing, Web, social networks, China, malware, cyber attacks, India, botnets, espionage
