Why do security blogs censor a malwares C&C domain and/or IP?

I see this countless time which bothers me to no end. For example, this company posted their documentation about the Emotet malware found here: https://cert.grnet.gr/en/blog/reverse-engineering-emotet/

While scrolling through, they show some code but censor the URL the malware uses to contact home: https://i.imgur.com/ZOwtfuM.png

Its an act ive seen for years and I never understood why. Wouldnt you want researchers to know the IP address and/or domains so they can be inspected more than the original authors may have missed?

Touch here for the full post on Network Security Noblemen tumblr

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s