Attackers conceal exploit sites with Twitter API

Drive-by exploit writers have been spotted using a popular Twitter command to send web surfers to malicious sites, a technique that helps conceal the devious deed. The microblogging site makes application programming interfaces (APIs) such as this one available so legitimate websites can easily plug into the top topics being …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Thursday 12th November 2009 10:38 GMT Anonymous Coward

Shhh!

So the next big botnet will be using backup command and control servers that have ID's pulled from a legitimate RSS Feed somewhere or other...Meaning when the C&C Servers are taken down the zombies start sniffing RSS feeds and trying the interpreted domains 48 hrs later? hmm not so easy to decapitate then..

should we really be telling the world and his dog?

0 0
Thursday 12th November 2009 12:12 GMT Field Marshal Von Krakenfart

Twats

Just another reason to avoid twatter.....

0 0
Thursday 12th November 2009 15:10 GMT Carter Cole

remember when they figured out the domain algorithm for confricker

good idea because it would be really hard to predict what the next days twitter trend will be so you cant preregister or block those domains to keep them from contacting command and control like they did for some of the other C&C domain generators that are predictable so you can get in front of the hackers

0 0

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

User topics

Article topics

COMMENTS

Shhh!

Twats

remember when they figured out the domain algorithm for confricker

About Us

Our Websites

Your Privacy