Hackers use Twitter to control botnets
Friday, August 14, 2009
A web security researcher has discovered accounts on Twitter that act as command and control (C&C) centers for directing botnets - networks of malware-infected PCs that can be directed to send spam or launch denial of service attacks.
Researcher Jose Nazario of security firm Arbor Networks said he discovered Twitter accounts that use status messages (tweets) to send out links containing new commands or executables for the botnet to download and run. The botnet uses the RSS feed to get updates from Twitter, Nazario said in a blog post.
One such account with the Twitter profile name upd4t3 has been used to as part of an information stealing scheme.
Nazario said the account is presently live but under review by Twitter and is "just one of what appear to be a handful of Twitter C&C accounts."
Hackers typically use rogue servers to operate their botnets, which can be rented out to other cybercriminals for activity ranging from sending spam to stealing bank account or other information from PCs.
Botnets can also be used to launch distributed denial-of-service attacks (DDoS), which can slow or stop websites from working by overwhelming a site with traffic.
Twitter itself was downed by DDoS attacks last week and again this week.
Related News:
UK cops arrest two in Zbot Trojan case - 11.19.2009
The British Metropolitan Police took two suspected cyber criminals into custody earlier this month in connection with an investigation into the Zbot banking Trojan.
Facebook shakes up privacy policy in response to criticism - 11.19.2009
After a week-long comment period in which 7,000 Facebook users voiced their opinions, the giant social media network announced that it would overhaul and simplify its privacy policy.
Domain registrar VeriSign will receive "major security update" by 2011 - 11.19.2009
A well-known security vulnerability in the way .com and .net websites process DNS values - the way alphanumeric website names are translated into numeric web addresses - will be fixed, but not until 2011, according to a report from tech news website ZDNet.
Malware attack targeting fans of Twilight series - 11.18.2009
As with many recent hot news trends, the upcoming release of the second movie based on Stephenie Meyer's Twilight books has attracted the attention not just of the vampire wannabes, but of actual cyber criminals as well.
Giant black-hat SEO campaign funnels victims to scareware sites - 11.18.2009
Security researchers say that cyber criminals have conducted a large-scale campaign to influence Google results, pushing malware-spreading sites higher on the list and dropping legitimate results to the bottom.
|
