
Bot Herders Employ Twitter for Controlling Botnet

Arbor Networks, a net-monitoring company, reports that hackers are using Twitter to dispatch coded update tweets to PCs they had earlier loaded with malicious software.

Apparently, this is the first instance of hackers using Twitter to control botnets, which typically consist of infected computers used for tapping their users' movements, overwhelming Internet sites with phony requests or sending spam.

Jose Nazario, Botnet Specialist at Arbor Networks, was the first to discover this command-and-control structure. He found that infected PCs were following the Twitter feed "Upd4t3" via the site's RSS feed, as reported by WIRED on August 13, 2009.

Nazario wrote that the botnet basically used the update tweets to dispatch new links to all of the users' contacts and subsequently carried fresh instructions or malicious executables designed for installation and execution. Nazario described the operation as a data-stealing activity.

He further stated that he stumbled across the Twitter command-and-control structure by accident while hunting for clues about the denial-of-service (DoS) attacks that had disabled the service in recent weeks.

According to Nazario, the feed that Twitter terminated sent messages with very short text, which appeared almost invisible. However, when run through a base64 decoder, the tweets pointed to links where the infected PCs could get malicious software updates.
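As an added example (not code from Arbor Networks or from the original article), here is one way a defender could flag feed items like those described above: it scans an RSS feed for base64 tokens that decode to http(s) links. The feed contents, the account name `exampleuser` and the URLs are constructed sample data.

```python
import base64
import binascii
import re
import xml.etree.ElementTree as ET

# Runs of base64 alphabet, 16+ chars, optional padding: candidate encoded links.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")


def decode_if_url(token):
    """Return the hidden URL if token is valid base64 for a link, else None."""
    if len(token) % 4:
        return None
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None
    if raw.isascii() and raw.startswith((b"http://", b"https://")):
        return raw.decode("ascii")
    return None


def scan_feed(rss_text):
    """Return (title, decoded_url) for each feed item carrying an encoded link."""
    hits = []
    for item in ET.fromstring(rss_text).iter("item"):
        title = item.findtext("title") or ""
        text = title + " " + (item.findtext("description") or "")
        for token in B64_TOKEN.findall(text):
            url = decode_if_url(token)
            if url:
                hits.append((title, url))
    return hits


def encode_sample(text):
    return base64.b64encode(text.encode()).decode()


# Constructed feed (not captured traffic): two encoded links, two benign posts.
SAMPLE_RSS = f"""<rss version="2.0"><channel><title>constructed feed</title>
<item><title>exampleuser: {encode_sample('http://example.invalid/update')}</title></item>
<item><title>exampleuser: Lunch was great, thanks everybody</title></item>
<item><title>exampleuser: {encode_sample('just some ordinary text')}</title></item>
<item><title>exampleuser: {encode_sample('https://example.invalid/a?b=1')}</title></item>
</channel></rss>"""

if __name__ == "__main__":
    for title, url in scan_feed(SAMPLE_RSS):
        print(f"encoded link in {title!r} -> {url}")
```

Base64 text that decodes to something other than a link, such as the third constructed item, is not reported, which keeps ordinary encoded content from raising alerts.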

Security specialists said that the top command structures, employed to amass huge armies of infected systems, had always been a fragile area in the botnet business. They proved expensive to maintain and left the typical evidence that helped law enforcers pursue and locate the criminals operating the destructive bot-infected networks. Bot herders had been using Internet Relay Chat, the instant messaging application ICQ, or other chat channels to overcome that limitation, but the use of Twitter was apparently completely new, the specialists noted.

With the increasing popularity of Twitter, the site is now of immense interest to cyber attackers. For instance, in July 2009, the Koobface worm that reportedly scrawled MySpace and Facebook attacked Twitter. However, employing the micro-messaging site to control botnets appears to be a fascinating twist, the specialists stated.

» SPAMfighter News - 9/1/2009