New Shodan Tool Can Find Malware Command and Control (C&C) Servers by Catalin Cimpanu.
From the post:
Shodan and Recorded Future have launched today a search engine for discovering malware command-and-control (C&C) servers. Named Malware Hunter, this new tool is integrated into Shodan, a search engine for discovering Internet-connected devices.
Malware Hunter works via search bots that crawl the Internet looking for computers configured to function as a botnet C&C server.
In order to trick a C&C server to reveal its location, the search bot uses various predefined requests to pretend to be infected computer that’s reporting back to the C&C server. If the scanned computer responds, Malware Hunter logs the IP and makes it available via the Shodan interface.
…
Take this news as encouragement to step up your game.
On the upside, perhaps Malware Hunter or some successor will “out” government spy malware.