On the third page of the article, there's a screenshot of the fake company website where the command and control servers resided, set up by the CIA/whoever back in 2006.
Today, if you search for the specific phrases used in the navigation bar, Google returns only 3 websites:
Sadly, these sites just look spammy rather than like fake sites set up by the CIA (and Alexa shows some SEO work has been done... but that could be part of the facade).
Still, fishing for CIA CNC servers sounds like a fun game; they must be out there today. Anyone have any ideas how to find them?
Follow the malware. Dan Danchev [1] used to be quite forthcoming with his analysis until he wasn't anymore. If you set up a malware aquarium [2] you can see the C&C servers these things use. Although not all malware reproduces in captivity.
Today, if you search for the specific phrases used in the navigation bar, Google returns only 3 websites:
https://encrypted.google.com/search?hl=en&output=search&... The terms are: "media planning" philosophy "creative services" "search solutions" ecrm "ad serving"