back to article Attackers conceal exploit sites with Twitter API

Drive-by exploit writers have been spotted using a popular Twitter command to send web surfers to malicious sites, a technique that helps conceal the devious deed. The microblogging site makes application programming interfaces (APIs) such as this one available so legitimate websites can easily plug into the top topics being …


This topic is closed for new posts.
  1. Anonymous Coward


    So the next big botnet will be using backup command and control servers that have ID's pulled from a legitimate RSS Feed somewhere or other...Meaning when the C&C Servers are taken down the zombies start sniffing RSS feeds and trying the interpreted domains 48 hrs later? hmm not so easy to decapitate then..

    should we really be telling the world and his dog?

  2. Field Marshal Von Krakenfart


    Just another reason to avoid twatter.....

  3. Carter Cole

    remember when they figured out the domain algorithm for confricker

    good idea because it would be really hard to predict what the next days twitter trend will be so you cant preregister or block those domains to keep them from contacting command and control like they did for some of the other C&C domain generators that are predictable so you can get in front of the hackers

This topic is closed for new posts.