
For 8 years a hacker operated an IoT botnet just to download Anime videos - deathgrips
https://www.zdnet.com/article/for-8-years-a-hacker-operated-a-massive-iot-botnet-just-to-download-anime-videos/
======
bediger4000
I'm skeptical of the "hobby project" designation. The botherder demonstrated
decent operational security, except for the initial lapse of German C2
servers, and the tar file with user name "stefan". Used TOR to access things.
Stefan T. Botherder wrote custom backdoor(s), and subnetted the infected
machines. Stefan was careful not to exfiltrate data so fast as to raise
alarms, and exhibited extensive knowledge of Linux and the NAS/DVR
environments.

This is a lot better than most of the sub-moronic WordPress compromise bottom
feeders who put bitcoin miners out there, or those goofs that run the Perl IRC
bot. The Perl IRC bot people you could characterize as "hobbyists", but this
botnet seems way too carefully done.

This article raises another question: how many carefully-built and maintained
botnets are there, where the botherder just flies under the radar?

