Cybercrooks Increasingly Use Tor Network To Control Botnets

alphadogg writes "Malware writers are increasingly considering the Tor anonymity network as an option for hiding the real location of their command-and-control servers, according to researchers from security firm ESET. The researchers recently came across two botnet-type malware programs that use C&C servers operating as Tor 'hidden services.' The Tor Hidden Service protocol allows users to set up services — usually Web servers — that can only be accessed from within the Tor network through a random-looking hostname that ends in the .onion pseudo domain extension. The traffic between a Tor client and a Tor hidden service is encrypted and is randomly routed through a series of computers participating in the network and acting as relays."