Malware uses WiFi BSSID for victim identification


Malware operators who want to know the location of the victims they infect usually rely on a simple technique where they grab the victim’s IP address and check it against an IP-to-geo database like MaxMind’s GeoIP to get a victim’s approximate geographical location.

While the technique isn’t very accurate, it is still the most reliable method of determining a user’s actual physical location based on data found on their computer.

However, in a blog post last month, Xavier Mertens, a security researcher with the SANS Internet Storm Center, said he discovered a new malware strain that is using a second technique on top of the first.

Source: ZDNet