AOH :: ISNQ5308.HTM

Re: Twitter transformed into botnet command channel




Re: Twitter transformed into botnet command channel
Re: Twitter transformed into botnet command channel



Forwarded from: security curmudgeon 

: http://www.theregister.co.uk/2009/08/13/twitter_master_control_channel/ 
: 
: By Dan Goodin in San Francisco
: The Register
: 13th August 2009
: 
: For the past couple weeks, Twitter has come under attacks that besieged 
: it with more traffic than it could handle. Now comes evidence that the 
: microblogging website is being used to feed the very types of infected 
: machines that took it out of commission.
: 
: That's the conclusion of Jose Nazario, the manager of security research 
: at Arbor Networks. On Thursday, he stumbled upon a Twitter account that 
: was being used as part of an improvised update server for computers that 
: are part of a botnet.
: 
: The account, which Twitter promptly suspended, issued tweets containing 
: a single line of text that looked indecipherable to the naked eye. Using 
: what's known as a base64 decoder, however, the dispatches pointed to 
: links where infected computers could receive malware updates.
: 
: Master command channels used to herd large numbers of infected machines 
: have long been one of the weak links in the botnet trade. Not only do 
: they cost money to maintain, but they can provide tell-tale clues that 
: help law enforcement agents to track down the miscreants running the 
: rogue networks. Bot herders have used ICQ, internet relay chat, and 
: other chat mediums to get around this limitation, but this appears to be 
: the first time Twitter is known to have been employed.

And just like the countless 'stego' articles, how often do we have to read 
these and pretend to be surprised?

The latest social media or technology can be used to convey secret 
messages or botnet commands or orders to $rebels or baking recipies to my 
uncle's newphew's sister's cousin's dog.

Any new technology is ripe for the picking. Be it interested techno-geeks, 
money hungry charlatans or 'blackhats' / criminals. They will all use 
$new_technology to their own gain, with shades of legitimacy and degress 
of profit.

This has been an ongoing trend for 20 years or more. Reporters, quit 
chasing the low hanging fruit, dare to evolve and write something more 
interesting.

- security curmudgeon


________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org 

Site design & layout copyright © 1986-2014 CodeGods