Twitter Used To Control Botnet Machines 127
DikSeaCup writes "Arbor Network's Jose Nazario, an expert on botnets, discovered what looks to be the first reported case of hackers using Twitter to control botnets. 'Hackers have long used IRC chat rooms to control botnets, and have continually used clever technologies, such as peer-to-peer strategies, to counter efforts to track, disrupt and sometimes decapitate the bots. Perhaps what's surprising then is that it's taken so long for hackers to take Twitter to the dark side.' The next step, of course, is to code the tweets in such a way that they aren't so suspicious."
Interesting code actually... (Score:5, Informative)
From the looks of it it's all base64 encoded shortened URLs.
aHR0cDovL2 is http:/// [http]
aHR0cDovL2JpdC5seS is http://bit.ly/ [bit.ly]
The first one is clipped.
The rest go to a pastebinish sites which have gbpm.exe encoded as Base64. It also appears the base64 is different but the exe has the same name (I'm guessing it's changed 'output'?)
http://rifers.org/paste/content/paste/9507/body?key=upd4t3 [rifers.org]
http://rifers.org/paste/content/paste/9508/body?key=upd4t3 [rifers.org]
http://rifers.org/paste/content/paste/9509/body?key=upd4t3 [rifers.org]
They also use Pastebin (http://pastebin.com/pastebin.php?dl=m49f3b4c2) and Debian.net (http://paste.debian.net/44059/download/44059) but both of those file have been deleted.
Re:Holy shit! (Score:4, Informative)