IRC Botnets Are Not Quite Dead Yet

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

RetiredUser,
User Rank: Ninja
4/30/2015 | 5:33:13 PM

IRC Bot or Clever Geek?

The most dangerous of the IRC bots are those that have been in place for years and as far as anyone knows are some clever geek (or jerk) haunting the IRC channels.

I recall being on an OpenVMS channel for a long time and exchanging some words with a guy who I thought just had bad English. I should talk since I use Google Translate constantly to talk to people who must cringe when they seem my messages fly by :-)

Long story short, turns out the geek was a bot; I was less careful back then and could basically have been owned by whomever placed the IRC bot there since I was completely convinced it was a person.

While I tend to stick to Freenode these days, I used to connect to dozens of servers, hundreds of channels. IRC is alive and well, but as noted by Joe here, lots of people don't really think about IRC anymore (like BBS) and in a way, neither do we - the regular users - since it's about as comfortable as a desk phone and the feeling of picking up the receiver after hearing a ring.

Yeah, we need to get less comfortable and more alert, for both our sake and that of our fellow IRCers.

Reply | Post Message | Messages List | Start a Board

50%

Joe Stanganelli,
User Rank: Ninja
4/29/2015 | 11:53:40 PM

IRC

Of course, not a lot of people think about IRC anymore...except the techies, hackers, and people active in certain communities (like reddit and 4chan). Thanks for this important reminder that, as IRC still proliferates, so too do IRC vulnerabilities.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

NSA Appoints Rob Joyce as Cyber Director

Dark Reading Staff 1/15/2021

Vulnerability Management Has a Data Problem

Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber, 1/14/2021

Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?

IFSEC Global, Staff, 1/14/2021

Webinars

Protecting Your Enterprise's Intellectual Property

Strategies for Success with Digital Transformation

5 Steps to Solving Modern Scalability Problems

Webinar Archives

White Papers

How to Prioritize Risk Across the Cyberattack Surface

From MFA to Zero Trust

Passwordless: The Future of Authentication

How to Compete in Financial Services IT

Universal Internet Connectivity: Reality or Myth?

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: This is not what I meant by "I would like to share some desk space"

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-27221
PUBLISHED: 2021-01-21

In Eclipse OpenJ9 up to version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding.

CVE-2021-1067
PUBLISHED: 2021-01-20

NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges.

CVE-2021-1068
PUBLISHED: 2021-01-20

NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges.

CVE-2021-1069
PUBLISHED: 2021-01-20

NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss.

CVE-2020-26252
PUBLISHED: 2021-01-20

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to update product data to be able to store an executable file on the server ...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]