http://www.theregister.co.uk/2009/08/13/twitter_master_control_channel/ By Dan Goodin in San Francisco The Register 13th August 2009 For the past couple weeks, Twitter has come under attacks that besieged it with more traffic than it could handle. Now comes evidence that the microblogging website is being used to feed the very types of infected machines that took it out of commission. That's the conclusion of Jose Nazario, the manager of security research at Arbor Networks. On Thursday, he stumbled upon a Twitter account that was being used as part of an improvised update server for computers that are part of a botnet. The account, which Twitter promptly suspended, issued tweets containing a single line of text that looked indecipherable to the naked eye. Using what's known as a base64 decoder, however, the dispatches pointed to links where infected computers could receive malware updates. Master command channels used to herd large numbers of infected machines have long been one of the weak links in the botnet trade. Not only do they cost money to maintain, but they can provide tell-tale clues that help law enforcement agents to track down the miscreants running the rogue networks. Bot herders have used ICQ, internet relay chat, and other chat mediums to get around this limitation, but this appears to be the first time Twitter is known to have been employed. [...] ________________________________________ Subscribe to InfoSec News http://www.infosecnews.orgReceived on Fri Aug 14 2009 - 02:22:31 PDT
This archive was generated by hypermail 2.2.0 : Fri Aug 14 2009 - 02:30:49 PDT