Hackers launch botnet army on social networks
18 Aug 2009
by networkmarsh in Uncategorized Tags: botnet, botnet army, Downloader.Sninfs, Infostealer.Bancos, malware, obfuscated code, social networks, twitter hacked

As the social network audience adapts to new social media platforms such as Facebook and Twitter, internet hackers are also jumping onto the bandwagon. Twitter has been hit with a variety of phishing, spam, and malware threats over the past few months. According to the Mail and Guardian, hackers are using Twitter to command “botnet” armies to infect personal computers. The hackers are using botnets to post obfuscated code as tweets to spread viruses.
A botnet is a group of computers infected with a malicious kind of robot software, the bots, which presents a security threat to the computer owners. Once the robot software has been successfully installed on a computer, that computer becomes a zombie or drone and is unable to resist the commands of the bot commander. This robot software is also known as malicious software, or malware.
Twitter’s appeal to hackers who use these bots includes the platform’s ability to play the odds by routing short, tainted messages to thousands of computer users simultaneously. Because of this ability, unseen malicious code infects machines that do not have firewalls or up-to-date antivirus protection.
The hackers are using obfuscated Twitter status messages to send out new download links to malware that Symantec (an antivirus vendor) calls Downloader.Sninfs. This malware not only makes the infected tweets harmful to consume, it also creates potential for harm to those who click on the links on a friend’s profile.
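A defender-side check for the pattern described above, added here as an illustration and not taken from Symantec or Twitter: it scans status messages for encoded runs that decode to download links. The page does not name the obfuscation scheme, so base64 is an assumption, as are the function names, the length threshold and the constructed sample statuses.

```python
import base64
import binascii
import re

# Runs of base64 alphabet long enough to hide a short link (16 is an assumed threshold).
B64_RUN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
URL = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def decode_candidate(token):
    """Return the decoded ASCII text of a base64 token, or None if it is not one."""
    padded = token.rstrip("=")
    padded += "=" * (-len(padded) % 4)  # normalise padding before strict decoding
    try:
        return base64.b64decode(padded, validate=True).decode("ascii")
    except (binascii.Error, ValueError):  # bad alphabet/length, or non-ASCII bytes
        return None


def scan_statuses(statuses):
    """Return (status_index, url) for every URL hidden inside an encoded run."""
    findings = []
    for index, status in enumerate(statuses):
        for token in B64_RUN.findall(status):
            decoded = decode_candidate(token)
            if decoded is None:
                continue  # ordinary long word or URL path, not an encoded message
            for url in URL.findall(decoded):
                findings.append((index, url))
    return findings


def _enc(text):
    """Helper used only to build the constructed samples below."""
    return base64.b64encode(text.encode("ascii")).decode("ascii")


# Constructed sample statuses; example.invalid and example.com are placeholders.
SAMPLE_STATUSES = [
    "Lunch at the new place downtown was great",
    _enc("http://example.invalid/u1\nhttp://example.invalid/u2"),
    "holiday pics: http://example.com/photos/2009/holiday_album",
    _enc("just a long harmless sentence"),
]

if __name__ == "__main__":
    for index, url in scan_statuses(SAMPLE_STATUSES):
        print(f"status {index}: hidden link {url}")
```

Only the second status is reported: the plain link and the encoded harmless sentence both pass, because a finding requires an encoded run that decodes to a URL.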
How they work
Since botnets operate as an army, they have different ranks and work in stages. The malware downloaded by Downloader.Sninfs is known to Symantec as Infostealer.Bancos. This is a password-stealing Trojan which collects passwords and other sensitive information from users of a compromised computer. However, other bots just sit in hidden files on the infected computer, waiting for the bot commander to issue a command. In research done by the University of California, Santa Barbara, web scientists managed to hijack a botnet army. They managed to collect 70GB of data that the bots stole from users, including 56,000 passwords gathered within the space of an hour.
The traditional way for hackers to control botnets is by using IRC, but botnet owners are continuously working on new ways of keeping their networks up and running, and Twitter seems to be the latest trick.
Although Twitter.com seems to be the latest victim, there are plenty of alternative social networking sites on the Internet that could be used as a similar medium of communication by these hackers. Twitter.com has already taken the appropriate action against accounts being used in this way, including suspending the account used.
Example of a hacker profile on Twitter

Botnets and Social Networks
A team of researchers, mostly from Taiwan, has written a Facebook application that easily turned victims’ machines into bots able to wage distributed denial-of-service (DDoS) attacks, as well as other malicious hacks.
The proof-of-concept Facebot application posed as Photo of the Day, a tool that displayed a different photo each day from National Geographic on users’ Facebook pages. But aside from serving up a photo, it was also serving up malware that recruited the victim’s machine into a botnet.
Facebot demonstrates just how simple it is to weaponize the increasingly popular applications for social networks such as Facebook, which anyone can write for the site. Security experts have warned that OpenSocial and other such social networking platforms are one of the weakest links on social networks.
How to protect against Botnets
The most important thing to remember is that the one thing your computer cannot protect against is human error. Individuals need to exercise some common sense to avoid falling victim to spyware or malicious software. This is especially true if you use peer-to-peer file-sharing software and, more recently, social networks and social media, as these are notorious channels through which malware is being sent. One should always exercise caution when clicking on links in emails and on websites, and never give out passwords or login details to anyone via email or over a social network site.