By Dan Goodin in San Francisco
13th May 2010
A security researcher has unearthed a tool that simplifies the process
of building bot armies that take their marching orders from specially
created Twitter accounts.
TwitterNet Builder offers script kiddies a point-type-and-click
interface that forces infected PCs to take commands from a Twitter
account under the control of attackers. Bot herders can then force the
zombies to carry out denial-of-service attacks or silently download and
install software with the ease of their Twitter-connected smartphones.
"All in all, a very slick tool and no doubt script kiddies everywhere
are salivating over the prospect of hitting a website with a DDoS from
their mobile phones," Christopher Boyd, a researcher with anti-virus
provider Sunbelt Software, writes here.
Alas, TwitterNet Builder requires accounts to be public, so spotting
people who use the software is fairly straightforward. A quick search
revealed accounts here, here and here that appeared to be using the DIY
kit, although it appeared these might be harmless demonstrations rather
than brazen attacks.
Best Selling Security Books and More!
Shop InfoSec News