Security firms discover botnet on Twitter

An account on the microblogging service can be used to host and control a botnet of infected computers, Symantec and Arbor Networks say.

A Twitter account can be used as the command center for harnessing a "botnet" of virus-infected computers, security firms Arbor Networks and Symantec reported. In a blog post Friday, Symantec analyst Peter Coogan wrote that researchers found an account, @upd4t3, which was tweeting out links to download a piece malware called Downloader.Sninfs. The account has since been suspended by Twitter.

Downloader.Sninfs, also known as Infostealer.Bancos, is a Trojan that uses the guise of a Brazilian banking site to collects passwords and related personal information from infected computers.

Security on Twitter is front and center right now, as the microblogging site was completely downed by a distributed denial-of-service attack last week that was targeting a Georgian political blogger . While other services like Facebook and the Google-owned Blogger were also hit by the attack, Twitter was the only one to suffer a full-out, hours-long outage , and it called into question just how secure the service really is.

But in this case, the Twittering botnet doesn't necessarily highlight a vulnerability that would be unique to Twitter.

"Although Twitter.com has been used in this instance, there are plenty of alternative sites on the Internet that could also be used as a similar medium of communication," Coogan wrote.

This post was updated at 1:05 p.m. PDT to note that Arbor Networks also reported the Twitter-based botnet.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments