Re: [ISN] Twitter transformed into botnet command channel

From: InfoSec News <alerts_at_private>
Date: Tue, 18 Aug 2009 04:21:42 -0500 (CDT)
Forwarded from: security curmudgeon <jericho (at) attrition.org>

: http://www.theregister.co.uk/2009/08/13/twitter_master_control_channel/
: 
: By Dan Goodin in San Francisco
: The Register
: 13th August 2009
: 
: For the past couple weeks, Twitter has come under attacks that besieged 
: it with more traffic than it could handle. Now comes evidence that the 
: microblogging website is being used to feed the very types of infected 
: machines that took it out of commission.
: 
: That's the conclusion of Jose Nazario, the manager of security research 
: at Arbor Networks. On Thursday, he stumbled upon a Twitter account that 
: was being used as part of an improvised update server for computers that 
: are part of a botnet.
: 
: The account, which Twitter promptly suspended, issued tweets containing 
: a single line of text that looked indecipherable to the naked eye. Using 
: what's known as a base64 decoder, however, the dispatches pointed to 
: links where infected computers could receive malware updates.
: 
: Master command channels used to herd large numbers of infected machines 
: have long been one of the weak links in the botnet trade. Not only do 
: they cost money to maintain, but they can provide tell-tale clues that 
: help law enforcement agents to track down the miscreants running the 
: rogue networks. Bot herders have used ICQ, internet relay chat, and 
: other chat mediums to get around this limitation, but this appears to be 
: the first time Twitter is known to have been employed.

And just like the countless 'stego' articles, how often do we have to read 
these and pretend to be surprised?

The latest social media or technology can be used to convey secret 
messages or botnet commands or orders to $rebels or baking recipes to my 
uncle's nephew's sister's cousin's dog.

Any new technology is ripe for the picking. Be it interested techno-geeks, 
money hungry charlatans or 'blackhats' / criminals. They will all use 
$new_technology to their own gain, with shades of legitimacy and degrees 
of profit.

This has been an ongoing trend for 20 years or more. Reporters, quit 
chasing the low hanging fruit, dare to evolve and write something more 
interesting.

- security curmudgeon


Received on Tue Aug 18 2009 - 02:21:42 PDT