InBoxRevenge KS Forum

The IDG article of 22 February "New ZeuS botnet no longer needs central command servers" suggests gloomy consequences because some new ZeuS botnets do without a command and control (C&C) server. I'm unfamiliar with most of the details about botnets, but my naïve impression is that the lack of a homebase should make the networks more susceptible to a mole and other sabotage. I wonder if such vulnerabilities (should they actually exist) be more often exploited by law enforcement, by civic-minded vigilantes or by rival criminals who bleed off stolen data and exploit them ahead of a botnet's "rightful owner".

I know we had all kinds of fun finding their servers before when it was Waledac and Storm. The problem they are having is that there are fewer countries willing to ignore their criminal activity, and it's hard to do anything on such a massive scale without it becoming inevitable that researchers with honeypotted machines will find your upper level servers. Even P2P has to have some servers that are more equal than others.