Don't use them for your malicious files.
A while back I was getting honey potted like crazy. So decided to find the leak.
I made various servers all with different ID's that corresponded to where they were going to end up.
I originally thought it was my JDB hoster doing it. So I made around 9 servers all ID'd up, and I wasn't going to spread these to people, they were going to sit there where no real random person would find & launch them.
Nothing happened for about 8 days, then within the space of 20 minutes every single one popped up, all on VM's and all the IP's were near enough the same except the last octet which would be like .11/ .18/ .22 etc..
So it became obvious that the leak was the place where all of these files are together. My dropbox.
So to make sure I created another server, ID 'Drops', placed it in my box and never gave the link to anyone. 2 Weeks later it pops up, again, on a VM.
These honeypotters can be bot stealer's attempting to get info and then steal your slaves, or they can be companies/governments trying to catch people in the act.
If your careful about what you do it's not a major concern, but it does mean your files are most likely being sent to AV's somewhere along the line, which does affect you.
Moral of the story: stop storing servers, crypted or not, in your dropbox.
A while back I was getting honey potted like crazy. So decided to find the leak.
I made various servers all with different ID's that corresponded to where they were going to end up.
I originally thought it was my JDB hoster doing it. So I made around 9 servers all ID'd up, and I wasn't going to spread these to people, they were going to sit there where no real random person would find & launch them.
Nothing happened for about 8 days, then within the space of 20 minutes every single one popped up, all on VM's and all the IP's were near enough the same except the last octet which would be like .11/ .18/ .22 etc..
So it became obvious that the leak was the place where all of these files are together. My dropbox.
So to make sure I created another server, ID 'Drops', placed it in my box and never gave the link to anyone. 2 Weeks later it pops up, again, on a VM.
These honeypotters can be bot stealer's attempting to get info and then steal your slaves, or they can be companies/governments trying to catch people in the act.
If your careful about what you do it's not a major concern, but it does mean your files are most likely being sent to AV's somewhere along the line, which does affect you.
Moral of the story: stop storing servers, crypted or not, in your dropbox.
