• On TechRepublic: Five super-secret features in Windows 7
August 14, 2009 12:10 PM PDT

Security firms discover botnet on Twitter

by Caroline McCarthy
  • Font size
  • Print
  • 5 comments

A Twitter account can be used as the command center for harnessing a "botnet" of virus-infected computers, security firms Arbor Networks and Symantec reported. In a blog post Friday, Symantec analyst Peter Coogan wrote that researchers found an account, @upd4t3, which was tweeting out links to download a piece malware called Downloader.Sninfs. The account has since been suspended by Twitter.

Downloader.Sninfs, also known as Infostealer.Bancos, is a Trojan that uses the guise of a Brazilian banking site to collects passwords and related personal information from infected computers.

Security on Twitter is front and center right now, as the microblogging site was completely downed by a distributed denial-of-service attack last week that was targeting a Georgian political blogger. While other services like Facebook and the Google-owned Blogger were also hit by the attack, Twitter was the only one to suffer a full-out, hours-long outage, and it called into question just how secure the service really is.

But in this case, the Twittering botnet doesn't necessarily highlight a vulnerability that would be unique to Twitter.

"Although Twitter.com has been used in this instance, there are plenty of alternative sites on the Internet that could also be used as a similar medium of communication," Coogan wrote.

This post was updated at 1:05 p.m. PDT to note that Arbor Networks also reported the Twitter-based botnet.

Originally posted at The Social
Caroline McCarthy, a CNET News staff writer, is a downtown Manhattanite happily addicted to social-media tools and restaurant blogs. Her pre-CNET resume includes interning at an IT security firm and brewing cappuccinos. E-mail Caroline.
Topics:

News,

Vulnerabilities and attacks

Tags:

Twitter,

security,

privacy,

viruses,

Trojans,

botnets

Share:
Digg
Del.icio.us
Reddit
Recent posts from Security
Log in with your face
See what's under McAfee's new interface
26 Windows, Office holes patched in 13 bulletins
McAfee: Spammers exploiting more news stories
Microsoft, Google split over browser bug bounty
Verizon temporarily blocks some 4chan sites
Security software maker Vitamin D exits beta
China breaks up Black Hawk hacking ring
Related
Botnet sends fake SSL pings to CIA, PayPal, others
In their words: Experts weigh in on Mac vs. PC security
Behind the China attacks on Google (FAQ)
Mozilla yanks infected add-ons, warns users
Google China insiders may have helped with attack
Microsoft fixes 8 IE holes, including one used in attacks
Twitter grows up in aftermath of Haiti earthquake
Tearing down Twitter's walls
Add a Comment (Log in or register) (5 Comments)
  • prev
  • next
by basraw August 14, 2009 12:32 PM PDT
doesn't appear to hard to do
Reply to this comment
by C0mmanderB0nd August 14, 2009 12:40 PM PDT
So what is "news" about a single twitter account being able to control millions of mindless automotons here?????
Reply to this comment
by EvanSei August 14, 2009 1:54 PM PDT
It's the writer riding the twitter wave of the last week or so
by bonesbautista August 14, 2009 6:58 PM PDT
What's Twitter? No, really?
Reply to this comment
by n3td3v August 15, 2009 8:57 AM PDT
Since this concept is new, there are going to be a lot of test accounts out there run by the research community who have no illegal intentions.<br /><br />I fear some of these companies may be jumping on the gravy train here to ***** the idea to the media because there isn't a lot else going on right now.<br /><br />And while your research points toward malcode, its possible it was being used on a private lab network for research purposes in an academic environment.<br /><br />There are lots of different reasons this account could of existed.<br /><br />I could be completely wrong, but I think there is an element of fear mongering going on.
Reply to this comment
(5 Comments)
  • prev
  • next
advertisement

Google's social side aims for some Buzz

Facebook and Twitter are the darlings of the social-media world, not Google--which hopes to change that with Buzz, betting it can organize your online social life.

Watching the birth of a gaming start-up

Stewart Butterfield and his friends are back at it with a new company. CNET's Daniel Terdiman was given exclusive, behind-the-scenes access as they built it from scratch.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET