They used some type of algorithm that detects common data-strings in internet traffic to identify networks and computers in the data-stream and correlate and populate entire networks and trees in seconds
I'm talking top domain ranges in seconds
They populated the entire tree for Australian users in less than a minute
And could connect any 10 users remotely to a mirrored GUI on 10 computers in their demonstration room in less than 10 seconds
I saw them mirror 10 users' private computers onto 10 computers in the room in less than 10 seconds, so they could watch OR take full control
As part of their demonstration they took a spam network and destroyed it in seconds
A group that was responsible for a systematic bot-net they used to spam people and steal details, claiming to earn thousands from each infected PC, was 'wormed' and taken down in 10 seconds
By 'wormed' I mean, the software identified data strings within the ENTIRETY of the backbone traffic, resolved and confirmed the connections, and created a display, that identified their activity in the data-stream
It was so good, that they could then apply it upstream and target them
It took about 30 seconds to find every single connection they had
They were in their parent systems and shut down the entire lot in less than a few seconds
The impressive part was that they could populate the entire Australian internet user tree in less than 1 minute
They stated that "although the American network was 10 times larger, it is exponential in the way it populates, so it would only take around 2-3 minutes to populate a tree of every user in the United States Of America"
I'm talking every single network. Internal/External
And then less than 10 seconds to connect to any RANGE of computers remotely
They said China would take 4-5 minutes to populate
They demonstrated connecting 10 Mac users, to show it's even easier
Because there is no change in the data strings between computers. They are all identical, so they are easy to map
And because they are using the transport strings (internet protocol) to do it, it was impossible to stop
It's not even real hacking. It's like intercepting the data-stream
To show just how easy and effective it is ...
The person giving the demonstration, who is doing it in the data-stream of a communications backbone (giving the demonstration to an ISP), remote desktops into his home computer ...
From there he runs the same code, using the ISPs domains
Within seconds the national operations centre shows spikes across the board in their bandwidth. A congestion spike. They ask the techs if they could determine where it comes from and he assures them it's impossible ...
Then the spike ends and all their graphs return to normal
In his remote computer, their internal network tree populates in seconds
Boom
Then within a few more seconds, he remotely mirrors their National Operations Centre, into/onto 10 PCs in their room, with full remote control and display ...
Without having access and without being given access, or using any type of authentication
Instant telemetry as if security measures don't exist, by mirroring the transport of the data
He could map the entire internet in less than an hour ...
And access any computer or network with an external/internet connection in seconds ...
And for the most part, they wouldn't even know he's there