|
Twitter, the botnet command network |
|
Written by Brian Austin
|
|
Sunday, 16 August 2009 |
|
Say what you will of Twitter but the ills of social networking and DDOS attacks against controversial bloggers only scratches the surface. According to security researchers Twitter has become a command and control channel for botnets. IT World describes the tweets of a now deactivated account which disseminated instructions to compromised computers designed to gather personal information for a group of identity thieves in Brazil.
Though the discovery is a first for Twitter it doesn't taken an expert to realize that this vector is incredibly promising and falls under the "malicious content hidden in mundane Internet traffic" channel which hackers are exploiting with ever increasing frequency. While services like IRC and chat are being blocked or falling under ever increasing scrutiny hackers are quietly moving to other methods of instructing zombie computers like HTTP/HTTPS. Twitter, in spite of obvious service problems, is a very promising method as its popularity and user base grows because botnet commands can hide amongst normal tweet traffic.
|
