1.1.1.2 blocks malware, and archive.today performs DDOS. Where's the false reasoning?
replyIt‘s not a C&C/Botnet
replyIt is C&C -- it instructs their site visitors to DOS a specific site.
replyBy this logic, all malicious JavaScript (obvious example is cryptominers I guess, assuming no JS sandbox escape) is C&C, yeah? As it "instructs site visitors" to do something harmful locally?
replyA C&C controls a botnet, where is the botnet?
replyThe browsers of their site visitors.
replyIf you need to be on the site it’s not a botnet and there is no C&C server coordinating the attack. It‘s just the JS on the site that makes the attack.
reply> If you need to be on the site it’s not a botnet
replyWhy? I did not visit the site to participate in a DoS attack; yet my machine was coaxed into participating against my will. Whether this is happening in JS or a drive-by download or a browser 0-day is irrelevant.
You did participate in archive.today’s DDoS without visiting the site?
replyHow if it‘s JS code in the site?
deleted
replydeleted
replyDoes this mean that the Great Cannon of China is not a botnet because it stops working when you close your browser?
replyDoes the Great Cannon of China coordinate the attacks?
replyDoes archive.today?
Hijacking a software like the browser is something completely different to a simple JS on a website.
>Does the Great Cannon of China coordinate the attacks?
replyYes.
>Does archive.today?
Yes.
How does archive.today coordinate the attack?
replyBy telling visitor browsers to DoS the site.
replyThat’s not really coordinating.
replyIt’s just a website with a simple request loop, not C&C server tells when the attacks have to happen.
This doesn’t make your browser a bot
setInterval(function() {
fetch("https://gyrovague.com/?s=" + Math.random().toString(36).substring(2, 3 + Math.random() * 8), {
referrerPolicy: "no-referrer",
mode: "no-cors"
});
}, 300);