{"id":96812,"date":"2024-11-27T15:24:35","date_gmt":"2024-11-27T07:24:35","guid":{"rendered":"https:\/\/version-2.com\/?p=96812"},"modified":"2024-11-20T17:09:59","modified_gmt":"2024-11-20T09:09:59","slug":"etec-2024-why-botnet-tracking-is-so-effective","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2024\/11\/etec-2024-why-botnet-tracking-is-so-effective\/","title":{"rendered":"ETeC 2024: Why botnet tracking is so effective"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"96812\" class=\"elementor elementor-96812\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-71ae5294 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"71ae5294\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4a899f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e9119cd\" data-id=\"1e9119cd\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f04f8cb elementor-widget elementor-widget-text-editor\" data-id=\"4f04f8cb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div id=\"content-c10913988\" class=\"frame frame-default frame-type-text frame-layout-0\"><p><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/trojan_250x250.jpg\" alt=\"\" width=\"250\" height=\"250\" \/><\/p><div id=\"content-c11110032\" class=\"frame frame-default frame-type-text frame-layout-0\"><p><em>ESET has been successfully utilizing botnet tracking for years.\u00a0 <\/em><\/p><p>When cybersecurity vendors invest heavily into sophisticated malware replication mechanisms studying real-life malware behavior in isolated environments, one may ask what the point of malware tracking is. What do we learn by extracting data from malicious code without it running or communicating with a command and control (C&amp;C) server?<\/p><p>Using the <a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/eset-takes-part-global-operation-disrupt-grandoreiro-banking-trojan\/\" target=\"_blank\" rel=\"noopener\">Grandoreiro banking trojan <\/a>as an example, ESET senior malware researcher Jakub Sou\u010dek explained the pros and cons of botnet tracking and malware replication at the <a href=\"https:\/\/techconference.eset.com\/venue\/#\/en\" target=\"_blank\" rel=\"noopener\">ESET Technology Conference 2024<\/a>, an annual ESET conference discussing the best in ESET security and research.<\/p><p>If you want to know more about how ESET participated in the Grandoreiro disruption, check out our other blog discussing the case at length.<\/p><\/div><div id=\"content-c11110033\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">ESET tracking systems<\/h3><\/header><p>With malware tracking, researchers need to implement a dedicated program (parser) for the relevant malware family deployed on the targeted machine. With this tool, the malware is nothing more than an input to such a program.<\/p><p>Using a heuristic approach, code patterns, and analytical output, the parser extracts all interesting information from the malware sample without it running or communicating. It can also emulate the C&amp;C protocol and lure even more information from the C&amp;C server.<\/p><p>\u201cAt ESET, botnet tracking has proven to be an invaluable resource several times in recent years,\u201d Sou\u010dek said.<\/p><p>ESET researchers have utilized such tracking in cases like the <a href=\"https:\/\/www.eset.com\/in\/about\/newsroom\/press-releases\/company\/eset-takes-part-in-global-operation-to-disrupt-trickbot-a-botnet-that-has-infected-over-a-million-c\/?srsltid=AfmBOorrmu3_lXGZNnfi7VwcEhmOTcbYqptKxhuiORVbhwT7fgDJhH3a\" target=\"_blank\" rel=\"noopener\">Trickbot disruption<\/a>, which infested over a million computing devices between 2016 and 2020, the pervasive malware family <a href=\"https:\/\/www.welivesecurity.com\/2023\/07\/06\/whats-up-with-emotet\/\" target=\"_blank\" rel=\"noopener\">Emotet<\/a>, and a large variety of infostealers and remote access trojans (RATs).<\/p><p><strong>The ESET tracking system is designed with the following objectives in mind:<\/strong><\/p><ul><li>Extraction of C&amp;C server domains and IP addresses. These are routed toward automatic blocking. In some cases, ESET also emulates network traffic to obtain more data.<\/li><li>Extraction of payloads, both embedded and downloaded. These are great candidates for automatic detection as well.<\/li><li>The most significant benefit lies in the ability to extract any custom information researchers want, such as DGA configuration, C&amp;Cs that may be used as backup only, mutex names, and license ID.<\/li><li>In the case of banking trojans, ESET engines also extract a list of targeted banks.<\/li><\/ul><\/div><div id=\"content-c11110034\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">Pros and cons of botnet tracking<\/h3><\/header><p>The benefits of malware tracking are many \u2013 full power over the malware sample, no actual compromise occurring, anti-emulation techniques don\u2019t work, and the processing speed depends only on the complexity of the used parser.<\/p><p>However, tracking is not suitable for every piece of malware. Heavy code protection breaks binary patterns, frequent code changes increase maintenance requirements, and setting up such tracking may be time-consuming.<\/p><p>\u201cTo summarize, tracking is a great option for analyzing large stable botnets when long-term data is needed, and the samples contain information researchers wouldn\u2019t otherwise have access to,\u201d Sou\u010dek said.<\/p><\/div><div id=\"content-c11110035\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">What about malware replication?<\/h3><\/header><p>Malware replication requires a dedicated machine that is deliberately compromised to observe malware behavior, ideally establishing a connection to a C&amp;C server and analyzing their communication. In a best-case scenario, the C&amp;C server replies with additional payloads or plugins and a list of targets in the case of banking trojans, for example.<\/p><p>Setting up such an environment is relatively fast and easy, the entire process doesn\u2019t require heavy maintenance, and the main benefit is that malicious code protection (such as virtualization or heavy obfuscation) can be ignored.<\/p><p>On the other hand, the malware may wait quite a long time before reaching out to a C&amp;C server and, while waiting, both time and processing power are wasted. It may also be quite difficult to see under the custom encryption layers in network communication.<\/p><p>When analyzing installed malware, evading all sandbox-detection mechanisms may be quite tricky. There is also a risk of unusual control flow, like restarting the machine, which further complicates automatic replication.<\/p><p>\u201cIn a nutshell, replication is great for unknown malware where we don\u2019t really care about long-term data. It can also be extremely helpful in overcoming code protection techniques,\u201d Sou\u010dek explained.<\/p><\/div><div id=\"content-c11110036\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">Tracking vs. Replication: Which one is better?<\/h3><\/header><p>When it comes to botnets, the Grandoreiro case shows the benefits of malware tracking over malware replication.<\/p><p>Needless to say, a reliable cybersecurity solution should use both to cover the complex threat landscape.<\/p><p>This heuristic and multilayered cybersecurity strategy is part of the ESET prevention-first approach, based on the idea of stopping malware before it does any harm. To achieve that, ESET developed sophisticated solutions minimizing the threat surface (i.e. all possible connection points or attack vectors that attackers can use to enter victims\u2019 systems).<\/p><p>Let\u2019s take botnets in general as an example. <a href=\"https:\/\/www.eset.com\/int\/about\/technology\/\" target=\"_blank\" rel=\"noopener\">ESET technology<\/a> has multiple tools at its disposal to stop them at different stages, such as:<\/p><p><strong>Anti-Phishing \u2013 <\/strong>Botnets (including Grandoreiro) often spread via phishing messages containing malicious content or links redirecting users to phishing websites. ESET Anti-Phishing blocks web pages known to distribute phishing content.<\/p><p><strong>Reputation &amp; Cache \u2013 <\/strong>When inspecting a file or URL, before any scanning takes place, ESET products check the local cache for known malicious or whitelisted benign objects. This improves scanning performance.<\/p><p><strong>ESET DNA Detections \u2013 <\/strong>These perform a deep analysis of the code and extract the \u201cgenes\u201d responsible for its behavior.<a href=\"https:\/\/help.eset.com\/glossary\/en-US\/technology_dna_detections.html?technology_dna_detections.html\" target=\"_blank\" rel=\"noopener\"> ESET DNA Detections<\/a> can identify specific known malware samples, new variants of a known malware family or even previously unseen or unknown malware that contains genes that indicate malicious behavior.<\/p><p><strong>ESET Botnet Protection \u2013<\/strong><a href=\"https:\/\/help.eset.com\/glossary\/en-US\/technology_dna_detections.html?technology_botnet_protection.html\" target=\"_blank\" rel=\"noopener\">ESET Botnet Protection<\/a> detects malicious communication used by botnets and, at the same time, identifies the offending processes. Any detected malicious communication is blocked and reported to the user.<\/p><p><strong>ESET LiveGrid\u00ae \u2013<\/strong> Whenever a zero-day threat is seen, the file is sent to ESETcloud-based malware protection system <a href=\"https:\/\/help.eset.com\/glossary\/en-US\/technology_dna_detections.html?technology_livegrid.html\" target=\"_blank\" rel=\"noopener\">ESET LiveGrid\u00ae <\/a>where the threat is detonated and its behavior is monitored. The results of this system are provided to all endpoints globally within minutes without requiring any updates. This approach has a significant positive impact on scanning performance and deflection of zero-day threats on all protected endpoints with active ESET LiveGrid\u00ae.<\/p><\/div><div id=\"content-c11110037\" class=\"frame frame-default frame-type-text frame-layout-0\"><header><h3 class=\"bold\">Conclusion<\/h3><\/header><p>Malware tracking has been an irreplaceable tool in the hands of ESET researchers for many years, contributing to numerous disruptions of dangerous malware. This mechanism is not a rival to malware replication; quite the contrary \u2013 both represent different approaches, which can be used separately when needed or even complement each other.<\/p><p>However, malware analysis is still only a small fraction of ESET multi-layered cybersecurity focusing on prevention. ESET combines multiple technologies, AI and human expertise to deliver top-notch security and threat intelligence from which ESET partners and law enforcement authorities benefit greatly.<\/p><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1a1b0f4 elementor-widget elementor-widget-shortcode\" data-id=\"1a1b0f4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18159\" class=\"elementor elementor-18159\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-73b4cd0 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"73b4cd0\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8d19c1e\" data-id=\"8d19c1e\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8865cce elementor-widget elementor-widget-text-editor\" data-id=\"8865cce\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About ESET<\/strong><br \/>For 30 years, ESET\u00ae has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET\u2019s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24\/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&amp;D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single \u201cin-the-wild\u201d malware without interruption since 2003.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>ESET has been successfully utilizing botnet tracking fo [&hellip;]<\/p>\n","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1273,40,61],"tags":[41,1272],"class_list":["post-96812","post","type-post","status-publish","format-standard","hentry","category-1273","category-eset","category-press-release","tag-eset","tag-1272"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>ETeC 2024: Why botnet tracking is so effective - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ETeC 2024: Why botnet tracking is so effective - Version 2\" \/>\n<meta property=\"og:description\" content=\"ESET has been successfully utilizing botnet tracking fo [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-27T07:24:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/trojan_250x250.jpg\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/11\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"ETeC 2024: Why botnet tracking is so effective\",\"datePublished\":\"2024-11-27T07:24:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/11\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/\"},\"wordCount\":1111,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/BLOG\\\/trojan_250x250.jpg\",\"keywords\":[\"ESET\",\"2024\"],\"articleSection\":[\"2024\",\"ESET\",\"Press Release\"],\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/11\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/\",\"url\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/\",\"name\":\"ETeC 2024: Why botnet tracking is so effective - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/BLOG\\\/trojan_250x250.jpg\",\"datePublished\":\"2024-11-27T07:24:35+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/BLOG\\\/trojan_250x250.jpg\",\"contentUrl\":\"https:\\\/\\\/www.eset.com\\\/fileadmin\\\/ESET\\\/BLOG\\\/trojan_250x250.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/blog\\\/consumer\\\/etec-2024-why-botnet-tracking-is-so-effective\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ETeC 2024: Why botnet tracking is so effective\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ETeC 2024: Why botnet tracking is so effective - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/","og_locale":"zh_HK","og_type":"article","og_title":"ETeC 2024: Why botnet tracking is so effective - Version 2","og_description":"ESET has been successfully utilizing botnet tracking fo [&hellip;]","og_url":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/","og_site_name":"Version 2","article_published_time":"2024-11-27T07:24:35+00:00","og_image":[{"url":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/trojan_250x250.jpg","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"tracylamv2","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"6 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2024\/11\/etec-2024-why-botnet-tracking-is-so-effective\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"ETeC 2024: Why botnet tracking is so effective","datePublished":"2024-11-27T07:24:35+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2024\/11\/etec-2024-why-botnet-tracking-is-so-effective\/"},"wordCount":1111,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/trojan_250x250.jpg","keywords":["ESET","2024"],"articleSection":["2024","ESET","Press Release"],"inLanguage":"zh-HK","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2024\/11\/etec-2024-why-botnet-tracking-is-so-effective\/","url":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/","name":"ETeC 2024: Why botnet tracking is so effective - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/#primaryimage"},"image":{"@id":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/trojan_250x250.jpg","datePublished":"2024-11-27T07:24:35+00:00","breadcrumb":{"@id":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/#primaryimage","url":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/trojan_250x250.jpg","contentUrl":"https:\/\/www.eset.com\/fileadmin\/ESET\/BLOG\/trojan_250x250.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.eset.com\/blog\/consumer\/etec-2024-why-botnet-tracking-is-so-effective\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"ETeC 2024: Why botnet tracking is so effective"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/zh\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-pbu","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/96812","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=96812"}],"version-history":[{"count":13,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/96812\/revisions"}],"predecessor-version":[{"id":97915,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/96812\/revisions\/97915"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=96812"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=96812"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=96812"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}