Thursday, August 20, 2009

Twitter Being Used by Hackers to Control Botnets





Popular social networking site Twitter is being used to control botnets, according to Jose Nazario, who is a Senior Security Researcher from Arbor Networks. Botnets are computers infected with malware that allows them to be commandeered by hackers. Nazario says that he stumbled upon one such Twitter account, though it has since been reported and taken down.



The key challenge of building botnets, for hackers, has always been in how to control them. Years ago, this used to be done via IRC channels, where infected computers would visit in order to receive their commands. These have proven to be relatively easy to track down though.



By switching to Twitter, hackers are leveraging not only on the server infrastructure of the social networking site, but also the publicly-known APIs used for the posting and viewing of tweets. And compared to earlier methods that saw hackers putting down money to purchase domains for their bots, creating a user account in Twitter costs them nothing.



Finally, using Twitter also makes it difficult for anti-malware applications to differentiate between a legitimate visit and the behavior of an infected workstation. Talking about the use of Twitter to host a botnet, Nazario said to The Inquirer, "I wouldn't call it rocket science, but it's effective."



For more on this story:- check out this article at The Inquirer















Reblog this post [with Zemanta]

Disqus for ePayment News