Explore the discovery and analysis of a massive botnet infrastructure comprising approximately 70,000 compromised hosts, uncovered through a simple but critical security oversight. Learn how the repeated use of a single self-signed certificate across multiple hosts exposed an entire network of Operational Relay Boxes and revealed a sophisticated multi-layered cyber attack infrastructure. Examine the GobRAT malware and a previously undocumented backdoor dubbed "Bulbature" that formed key components of this global operation. Discover how open directories on the majority of command and control servers provided unprecedented access to over 5,000 files, offering unique insights into the operators' methods and infrastructure. Understand the global scope of this cyber threat network and its potential connections to China-based threat actors. Gain practical knowledge about how small security operations oversights can lead to massive infrastructure exposures and learn techniques for tracking and analyzing large-scale botnet operations through certificate analysis and open source intelligence gathering.