Forensic analysis of opt-in botnets is a tough project. Figuring out why they fail sometimes and succeed others borders on a subtle self-delusion. It is, perhaps, just as easy to say that the opt-in attack succeeds in one case because the coerced CnC was, itself, not in use that day by another opt-in campaign. Or there could have been a cable service problem in Houston, Texas. Or there could have been an accident near Berlin, preventing a bunch of hackers from getting to a Cafe. Or an earthquake.
Better, in my opinion, to focus on the users who are joining the campaigns from the opposite point of view. Looking for a vector AFTER the attack is simple. Looking for the potential vector is tough. Predicting who will join is, to put it bluntly, marketing science.
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
