Twitter Botnet Facilitator Tool Identified
Christopher Boyd, a researcher with anti-virus software vendor Sunbelt, has recently discovered a tool that helps build armies of bots that take their instructions from specific Twitter accounts, as per the news published by The Register on May 13, 2010.
The tool, known as TwitterNET Builder, creates malicious executables that hackers can forward to other users' systems. They can either send e-mails with file attachments or send instant messages bearing links to the infected executables.
When a user opens the file, the PC is infected with malware that allows cybercriminals to manage it through a Twitter account. Networks of infected PCs (called botnets) can then flood websites with traffic, carrying out distributed denial-of-service (DDoS) attacks by means of User Datagram Protocol (UDP). The malware can also open a webpage, halt all bot activities and eliminate connecting bots. Botnets can also be used to distribute junk e-mails and more malware.
The security researchers explained that although the malware is not known to have any autostart technique or propagation capability, an attacker could probably install the bot server manually onto a PC, or deceive a user into running the file. They therefore advised users to be careful when opening attachments or running files originating from unknown and unreliable sources.
In the meantime, Twitter was informed about the potential danger of the botnet and is taking appropriate measures to block further propagation of this malware.
Boyd applauded Twitter for handling the issue seriously. He recalled that Twitter took precisely 13 minutes to reply to his e-mail, which seems quite impressive by any standard, as per the news published by Webuser on May 13, 2010.
Twitter has been misused as a command-and-control centre in the past as well. In 2009, cybercriminals used Twitter to run botnets. According to security researchers at security firm F-Secure, a network of compromised computers was given directions through a fake Twitter account.
Besides Twitter, Facebook, Google Groups and Google's AppEngine are some other examples of this cloud-based model.
» SPAMfighter News - 22-05-2010