Security for the masses

Skip to: Content | Sidebar | Footer

A sensible, grammatically correct Tweet for C&C

15 September, 2010 (16:33) | A cat called password. | By: Blogkeep

I read an article recently on The Register
regarding tweet controlled bot nets and I thought of this:

Tweet about anything but create sensible and grammatically correct text.

Bot is hard coded with a sequence of numbers that bot uses to read single characters from any/all the words of a tweet.
The bot reads a tweet taking the first letter/word as a mode switch.

Read this tweet as a string of commands.
Read this tweet as new number sequence for reading commands from future tweets.
Read this tweet as an new target address range.

Some jobs running scripts against a database of the number sequences that the bots use to read the tweets are
fed into some clever software(wetware) that writes and submits grammatically correct and sensical tweets.

Now how can this be filtered?

I speculate now, for what if the bots were coded to tweet without the wetware being involved, pre-programmed to C&C other bots to maintain connections should one avenue fail. Can Twitter account generation be accomplished by a bot yet?

As an after thought: Why use Twitter, if one controls a botnet that re-interprets written text posted to the Internet as command and control codes. The possibilities are almost limitless, forums, social networking sites, Usenet news posts, popular blogs etc.


Comment from blogkeep
Time June 24, 2011 at 1:45 am

I have been thinking a little more on this and have had some ideas, When I get the time I think I will develop those ideas further and put them into code.

Write a comment