Hackers use Twitter to manage botnet

Micro-blogging service Twitter is being used by hackers to control a botnet, says a security researcher.

According to Jose Nazario, manager of security research at Arbor Networks, a now-suspended Twitter account was being used to post tweets that had links to new commands and executables, which would then be used by the botnet code on infected machines.

"I spotted it because a bot uses the RSS feed to get the status updates," Nazario said in a blog.

Related:

The traditional way of managing botnets is using IRC, but botnet owners are continuously working on finding new ways of keeping their networks up and running, and Twitter seems to be the latest trick.

The account, called 'Upd4t', is under investigation by Twitter's security team, according to Nazario. But the account is just one of what appear to be a handful of Twitter command and control accounts, Nazario said.

Botnets can, for example, be used to send spam or carry out distributed denial-of-service attacks, which Twitter itself became the victim of last week. The botnet Nazario found is "an infostealer operation", a type that can be used to steal sensitive information such as login credentials from infected computers.