It looks like Red October is a bit bashful. After the big reveal, Red October’s infrastructure started going offline. Domain names associated with the project have begun to disappear, as well as hosting for command and control servers. It’s like the whole project is packing up and going home now that the secret is out.
While that could be the case, to a certain extent, Red October is known for being resilient and having layers upon layers of proxy defence. The “mothership” has not been located, so there’s still a juicy core of stolen intel somewhere out there. The retraction of recently discovered feelers only makes sense as a move to protect it. The question is: has Red October been thwarted by being found out, or is it just pulling into hibernation until everyone forgets about it, only to come back with new tools and new proxies? My money is on the latter. [Threatpost via Ars Technica]