Botnets Go Public by Tweeting on Twitter
Twitter is such a craze, even bot masters feel the need to jump on the social-networking service.
On Thursday, a researcher with network-security firm Arbor Networks revealed that some bot masters are using the microblogging service to communicate with collections of compromised computers.
Jose Nazario, manager of security research for Arbor Networks, began investigating the connection between botnets and Twitter after spotting a strange-looking feed on the social network. As it turns out, what appeared to be scrambled status updates were in fact a series of obfuscated links to malicious software updates for a relatively new botnet. Following the links, which redirected through the URL-shortening service Bit.ly, resulted in users downloading a compressed file.
“What we found was a base-64 encoded ZIP file,” says Nazario. “When you unpack the file and try to do a detection on the two files inside, it had weak detection.” In other words, only 44 percent of antivirus engines detected the original bot software and less than half of those detected the updates.
Bot operators moved away from public command-and-control channels because security researchers have had too much success analyzing the botnets that use such communications as Internet relay chat (IRC). In a recent paper, Ulrich Bayer, of the Technical University of Vienna, and his colleagues documented the drop in use of IRC for command and control between the start of 2007 and the end of 2008.
Yet, Nazario argues that it will be easy to hide in the noise of Twitter. Because shortened URLs are so common, and services such as Bit.ly have trouble scanning the destination of every link they handle, defending against botnets who abuse Twitter as a communications medium will be hard, he says.
“There are so many Twitter accounts, it would be pretty easy to hide in the fray,” Nazario says.
Keep Reading
Most Popular
Large language models can do jaw-dropping things. But nobody knows exactly why.
And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.
The problem with plug-in hybrids? Their drivers.
Plug-in hybrids are often sold as a transition to EVs, but new data from Europe shows we’re still underestimating the emissions they produce.
Google DeepMind’s new generative model makes Super Mario–like games from scratch
Genie learns how to control games by watching hours and hours of video. It could help train next-gen robots too.
How scientists traced a mysterious covid case back to six toilets
When wastewater surveillance turns into a hunt for a single infected individual, the ethics get tricky.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.