Members
Stats
  • Total Posts: 28510
  • Total Topics: 8239
  • Online Today: 852
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Thieves use Twitter as botnet command channel (Banker Trojans, upd4t3)  (Read 1630 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Arbor Networks security researcher Jose Nazario has stumbled upon a crimeware botnet using Twitter as its command-and-control operation.

The botnet, which is linked to identity thieves in Brazil, uses Twitter status messages to communicate with bots — sending new links for the infected computers to contact and new commands and executables to download and run.

Above is a pics from Twitter account in question.

“It’s an infostealer operation,” Nazario explained.

He said the bots are sending data to URLs linked to Brazilian criminals that specialize in banker Trojans: http://www.f-secure.com/v-descs/banker.shtml

Banker Trojans are used to steal logins, passwords, PINs, check words and other information from bank websites.

The stolen information is usually uploaded to a hacker’s website using a webform. The most vulnerable are users of on-line banks and payment systems that have logins and passwords that do not change every time a user logs on. That is why many banks are now switching to one-time passwords that expire after being used once.

Nazario said there are quite a few Twitter accounts being used to control botnets.  Twitter’s security team is aware of the issue.  Some of the malicious accounts have already been deleted.

(ZDnet)


Samker's Computer Forum - SCforum.info





 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising