|
DIY Twitter-Controlled Botnet Kit Spotted in the Wild
05/19/2010
|
Lucian Constantin, Security News Editor- May 15, 2010 11:33 GMT
Security researchers from antivirus vendor ESET have uncovered a simple tool automating the creation of botnets that can be controlled from Twitter. The botnet clients can be commanded to launch Distributed Denial of Service (DDoS) attacks or install additional malware on the compromised computers.
The do-it-yourself botnet kit, which ESET detects as MSIL/Agent.NBW, has been discovered by the company's malware investigation laboratory in Latin America, suggesting that it might have originated in the area. "In the last few hours we have found an application that is currently in-the-wild. This application has been developed to automate the creation of botnets where communication between the botmaster and the zombie systems under his control is performed through Twitter," Jorge Mieres and Sebastian Bortnik, both security analysts at ESET, announced in a blog post [in Spanish].
LThe application, who's title bar reads "TwitterNET Builder," has an extremely simple interface with only a text input field for specifying the Twitter account used to rely commands to the bots and a "Build" button. Amongst the commands accepted by the botnet clients generated with this tool are ".DDOS*IP ADDRESS*PORT NUMBER" for launching DDoS attacks, ".DOWNLOAD*LINK/MALWARE.EXE" for downloading more malware or ".VISIT*LINK" for opening a link in the default browser. There is also a .REMOVEALL instruction for the bots to uninstall themselves.
Read the full article at Softpedia.com... |
| Back | Return to Top |
|
|
