Twitter used as command centre to control botnet
Using IRC channels is old school. Cybercriminals are now using microblogging to tell compromised computers what to do.
A botnet was discovered which used Twitter to communicate commands to its connected zombie computers.
The account, which had the name upd4t3, used Twitter messages to send new links for infected computers to contact.
The account, which has now been suspended, was discovered by Arbor Networks' security researcher Jose Nazario.
He said on the Arbor blog: "Basically what it does is use the status messages to send out new links to contact, then these contain new commands or executables to download and run."
Nazario described it as one of a "handful" of Twitter accounts that ran as command and control structures.
Security vendor F-Secure said that it was the first time that Twitter had been used as a botnet's command and control structure.
Historically botnets, which are usually made up of a collection of compromised computers, have been controlled using means of communication such as IRC channels.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Botnet creators can use them to perform illegal acts such as denial-of-service attacks or the theft of credit card information.
Twitter had not responded to our request for comment at the time of publication.