Security Experts Detected New Twitter-Controlled Botnet
A new botnet which is exploiting social networking website "Twitter" as its command and control channel, has been detected by security experts, as reported by The Register on 15th September, 2010.
The latest botnet is called 'Mehika botnet', which is among four botnets that are affecting Mexican web users, is being thoroughly examined in a recent research paper called "Discerning Relationships: The Mexican Botnet Connection", released on 13th September, 2010. Tequila, Mariachi and Alebrije are the other botnets.
Regarding the Mehika botnet, the research reveals that the infected drones in the Mehika Twitter botnet receive commands from a Twitter account operated by cyber criminals rather than a conventional instruction and control servers. The exploitation of Twitter as a botnet command channel was came into notice during August, 2009. Later in November 2009, related techniques were used to exploit Facebook profiles as command channels.
While highlighting the new botnet and its technique of operation, Ranieri Romera, Trend Micro Senior Threat Researcher, revealed that hackers are getting several advantages by using social networking websites as command channels, as reported by The Register on 15th September, 2010.
He also added that, by taking advantage of a social networking site as a command-and-control server, the creator can save his time by avoiding installing, configuring and managing a conventional server, which might be easily detectable and hence shut down.
It means that, by just posting a Tweet from a particular Twitter account or updating the status of a Facebook account, can deliver commands or instructions to botnets. Social networking websites like Twitter and Facebook are mainly targeted by malware this year as they are used by millions, and hence it becomes a difficult task to track or locate false accounts.
Again, while commenting on this botnet, a UK-based Security Researcher at Trend Micro, Rik Ferguson revealed that earlier in July, as soon as the Mehika botnet got detected, it became silent. It was detected on 15th July and on the same date all other latest commands were noticed, hence this botnet kept a low profile on that date, as per the reports of The regiser, published on 15th September, 2010.
Related article: Securities Push Up A Must For Web Companies
» SPAMfighter News - 27-09-2010