Feeds

back to article Attackers hone Twitterific exploit-site concealer

Malware writers have revamped code that uses a popular Twitter command to generate hard-to-predict domain names, a technique that brings stealth to their drive-by exploits. Four weeks ago, when The Register reported Twitter application programming interfaces were being used to generate pseudorandom domain names, none of the …

COMMENTS

This topic is closed for new posts.
Badgers

So it's not really using Twitter...

... as anything other than a publicly-observable source of common random numbers? Huh, there are a million ways of doing this sort of trick. Check a stock feed and get the third letter of the day's highest riser. Download the front page of a news website and look at the fourth letter of the third word in the second paragraph of the first story. Number of posts to alt.test that day? Hell, check the temperature in LA or the humidity in Moscow on a weather site.... the possibilities are endless. Twitter just makes a badger-tastic hook to hang the story on.

0
0
Anonymous Coward

eh

Why is using twitter topics to generate random URLs any better than using say the headlines on bbcnews or any RSS feed that changes on a regular basis?

0
0

Callback

Following all the links to the break down of the JavaScript it seems that the use of a JSON callback in the Twitter API is the main advantage as it would appear that the actual malicious code doesn't get called without it.

http://blog.unmaskparasites.com/2009/11/11/hackers-use-twitter-api-to-trigger-malicious-scripts/#twitter

0
0
This topic is closed for new posts.