Jose Nazario, a security researcher from Arbor Networks has discovered a crimeware botnet using Twitter to distribute commands.
The botnet has been linked to identity thieves in Brazil. To communicate with the bots under its command it uses Twitter status messages. These status messages provide new links to be downloaded by the bots, it also provides new commands and executables to download.
Nazario says that the bots are being used to send data to URLs linked to Brazilian criminals, he also says that these criminals specialize in banker Trojans.
A Banker Trojan is used to steal data from bank websites – such as logins, passwords, PIN numbers and other security information.
Apparently there are a fair few Twitter accounts which are being used to control botnets. Although Twitter’s security team are aware of the issue, it is only a matter of time before the criminals find a way to disguise the botnet commands.