Security researchers have discovered another botnet that uses Twitter as a command and control channel. Malware-infected drones in the Mehika Twitter botnet, active in Mexico this summer, take instructions from a Twitter account maintained by hackers instead of conventional command and control servers. The use of Twitter as a …
Is filtering really that difficult?
Surely its pretty simple to distinguish between the inane ramblings of a real twitterer and the very specific commands used to control a botnet?
If you have a website or a specific IP address on which your bots rely, those can be taken out rendering your botnot sterile.
But with Twitter's searchable timeline and suitable hashtags, you could post from *any* public account and your bots could find the commands.
And if you make the control commands into inane comments about eating breakfast, or getting your norks out in aid of vouyerism^Wcharity, they'd go completely un-noticed!
First two comments..
sum it up.
I was going to say... if the bots were coded to take inane ramblings as actual commands... breakfast could mean initiate keylogger, Tiffany's could mean roll out the spam.
What I am curious is how long these channels last? Parsing 50 million 140 character paragraphs of text and links per day isn't really practical. Unless they throw some serious money at the problem.
But then if the bots were coded to... respond to an inane but grammatically correct sentence. The filter would have to remove 98% of Tweets.
A no win situation?
no my friend
"The filter would have to remove 98% of Tweets."
THAT is a WIN-WIN situation
Twitter was malware. :)
YOU thought wrong!
Windows IS malware!
Tw@tter is simply a waste of time and bandwidth.