Botnet tool uses Twitter as C&C hub

Script kiddies get a new toy

A tool-kit designed to make it easy for botnet operators to use Twitter as a command and control centre has been discovered.

Security firm Sunbelt Software said that the malware, TwitterNET Builder, can allow hackers to launch distributed denial of service attacks from infected PCs.

It also enables the attacker to open web pages on their victims' computers, and even uses text-to-speech messages to audibly mess with their victims.

While the malware could be used to infected PCs with drive-by downloads, it does not use Twitter to infect new computers. Instead, it uses Twitter to send commands to people who have already infected themselves.

The bot listens to a named, public Twitter account for commands such as .DDOS or .SAY, which makes it rather easy to trace block, Sunbelt's Christopher Boyd blogged.