The nation of Georgia discovered a botnet trying to steal sensitive government documents, and what did they do? They gave the cyber-spy a taste of his own medicine, infecting his computer with the very same software he was targeting governments with. His infected computer eventually captured a photo of the alleged cyberterrorist, as well as his IP address. Georgia’s Computer Emergency Response Team says the hacker is behind the “Georbot Botnet,” which targeted major governments around the world, including Georgia, the US, and France. The botnet was pretty sophisticated, using 0-day vulnerabilities, embedding itself in links on major Georgian news sites, and turning on microphones and webcams to glean important government data from infected computers. According to CERT, the hack is linked to “Russian Security,” but all we know about him is the photo they gave us.
If you’re interested, read the entire report from CERT here.