![]() ![]() Xavier Mertens, a security researcher with the SANS Internet Storm Center, unveiled a discovery in a blog post last month. ![]() Increasing accuracy through layered geo-location methods That said, it has been the most reliable method of determining a user’s actual physical location based on data found on their computer. This IP-to-geo database technique isn’t very accurate. ![]() By the same token, an attacker might specifically target computers located in a specific country, or target IPs belonging to a targeted organization. Why does location matter?įor example, a malefactor might avoid infecting addresses from their own country, or they could avoid the IPs that belong to a security vendor. They simply grab the victim’s IP address and check it against an IP-to-geo database to get a victim’s approximate geographical location.īy checking the public IP address used by the victim, an attacker can thus avoid infecting friendlies or security services that could pose a threat to their activities. Malware operators who want to know the location of their victims usually rely on a simple technique to determine the infected system’s location. The malware authors the WiFi AP MAC address (aka BSSID) to geo-locate the systems they have infected.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |