Sunday, November 16, 2014

SLC Security Services LLC OSINT system attacked by botnet

We want to send out personal thank you to the operators of this particular botnet for allowing us the opportunity to map out all the host that were part of your campaign. You see it takes us a long time to find compromised host so we can protect our clients but this type of activity makes it easy for us to collect our intelligence.

In addition it was very nice of you to identify one of our customers issues for us. Security is not 100% but we definitely appreciate the help. Starting at 9:00PM EST on 11-15-2014 we started seeing an influx in the number of failed logins to several of our systems. Within minutes our mining operation had collected over 7000 node endpoint IP addresses and added them to our paid blacklist product. Over the next 3 hours over 100 organizations that have purchased or operate our devices and software were updated with some great intelligence information that will now allow them to protect themselves.

Thanks guys... The whole purpose of open source is to collect this type of information so you actually gave us a great amount of data that is invaluable to our organization. Have a great week!

No systems were compromised and the attackers were blacklisted after the third attempt to login. Also it's funny seeing usernames come in during our two factor authentication process. This helps us to collect the data more easily as it was logged. This was truly awesome! 

No comments:

Post a Comment