Hacker used Twitter to control infected PCs

Herbalist Dr MziziMkavu

Small case shows how criminals find ways to exploit social networking sites

By Jordan Robertson
updated 4:43 p.m. ET Aug. 14, 2009

SAN JOSE, Calif. - Twitter's been having a rough couple of weeks.

A researcher looking into the attacks that knocked Twitter offline last week discovered another, unrelated security problem.

At least one criminal was using a Twitter account to control a network of a couple hundred infected personal computers, mostly in Brazil. Networks of infected PCs are referred to as "botnets" and are responsible for so much of the mayhem online, from identity theft to spamming to the types of attacks that crippled Twitter. Jose Nazario with Arbor Networks said he found a Twitter account that was used to send out what looked like garbled messages. But they were actually commands for computers in a botnet to visit malicious Web sites, where they download programs that steal banking passwords.

The affected Twitter account was taken down. Twitter didn't immediately respond to e-mails for comment.

Nazario said what appeared to be the same person was doing the same thing on an account with a Google Inc. service called Jaiku, which is similar to Twitter.

Google said the affected account was shut down.

The technique Nazario described isn't sophisticated, and a couple hundred infected computers is small when some botnets contain hundreds of thousands of infected PCs.

But it shows how criminals are finding inventive ways to exploit legitimate social networking services to help with their dirty work. One reason social networks are an attractive target for crooks is because their content is hard to monitor, and because people click on lots of links inside their accounts, which is a key way computer infections are spread.

"I wouldn't call it rocket science, but it's effective," Nazario said. "This is the problem with free social media that people need to be aware of."

The revelation comes on the heels of a destructive "denial-of-service" attack that brought down Twitter at stretches last week. Those attacks appear to have targeted a lone blogger in the former Soviet republic of Georgia, but affected the entire Twitter service.

Denial-of-service attacks consist of flooding a Web site with so much traffic that its servers buckle under the strain. That's either done by pounding it with an immense volume of traffic (which can be easy to thwart), or increasingly, hammering a site with lots of harder-to-detect computing-intensive requests, like trying to log in or do searches, which can also bring a site to its knees. Botnets, or networks of zombie computers, are the main weapon in both attacks.
© 2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed. http://www.msnbc.msn.com/id/32421408/ns/technology_and_science-security/
 