This is a great achievment for the fediverse: it is now used by malware (in this case, to find the C&C, or C2, the Command and Control center where the malware will take instructions).
Do note the stupid remark (a typical one from some security fans) saying that the fediverse is not censored enough.
(The account mentioned in the article is already suspended.)
I still wait to see malware using #Gemini to communicate with the C&C :-)
I can't understand why people are using this as an argument against Mastodon (or fediverse in general) while they are being forgiving against Instagram for having the same issues
@selea @bortzmeyer Who is using this as an argument against Mastodon?
@bortzmeyer @selea But nothing in those articles is inherently negative towards Mastodon. It's just states it was abused in a novel way.
@bortzmeyer I tend to agree; it's not like they couldn't also encrypt or hide it (even in a picture or something).
@bortzmeyer though, Mastodon is a "relatively under-moderated space" which *is* problematic for other obvious reasons, in my opinion.
@bortzmeyer thank you for using documentation netblock, first time seeing it used as such :)
@abbe I write RFCs (where this is automatically checked), it helps :-)
Malware already used DNS, IRC, XMPP, Web pages, Ethereum, Twitter, pads, to communicate with their C&C. Sooner or later, they had to try the fediverse. *Every* communication tool can be used this way. Sentences like "Mastodon a relatively under-moderated space" are really dumb. Do they expect a censor to check daily *all* the profiles, and notice that "scan:192.0.2.1" is an order to the malware?