[ISN] Twitter-controlled botnets come to the unwashed masses

From: InfoSec News <alerts_at_private>
Date: Fri, 14 May 2010 00:48:36 -0500 (CDT)
http://www.theregister.co.uk/2010/05/13/diy_twitter_botnets/

By Dan Goodin in San Francisco
The Register
13th May 2010

A security researcher has unearthed a tool that simplifies the process 
of building bot armies that take their marching orders from specially 
created Twitter accounts.

TwitterNet Builder offers script kiddies a point-type-and-click 
interface that forces infected PCs to take commands from a Twitter 
account under the control of attackers. Bot herders can then force the 
zombies to carry out denial-of-service attacks or silently download and 
install software with the ease of their Twitter-connected smartphones.

"All in all, a very slick tool and no doubt script kiddies everywhere 
are salivating over the prospect of hitting a website with a DDoS from 
their mobile phones," Christopher Boyd, a researcher with anti-virus 
provider Sunbelt Software, writes here.

Alas, TwitterNet Builder requires accounts to be public, so spotting 
people who use the software is fairly straightforward. A quick search 
revealed accounts here, here and here that appeared to be using the DIY 
kit, although it appeared these might be harmless demonstrations rather 
than brazen attacks.

[...]


_______________________________________________
Best Selling Security Books and More!
Shop InfoSec News
http://www.shopinfosecnews.org/ 
Received on Thu May 13 2010 - 22:48:36 PDT

This archive was generated by hypermail 2.2.0 : Thu May 13 2010 - 22:56:13 PDT