Is Twitter being used to control botnets?

A leading security company claims that Twitter is being exploited by those who own and control botnets — clusters of computers taken over without owner knowledge and often used to launch denial of service attacks.

Arbor Networks suggests that Twitter accounts are being set up to broadcast links to malicious code. Those computers already part of the botnet would then follow these links, via RSS feed, in order to get new instructions/targets.

The tweets are typically encoded in Base64, so would be unintelligible (and effectively benign) to any human reading them. The now suspended account appeared to be directing a distributed denial of service attack to a banking web site.

Given the relative anonymity and near-ubiquitousness of Twitter, it would seem be a good communications medium for these activities – that is, until the accounts are shut down.


Leave a Reply

Your email address will not be published. Required fields are marked *