Twitter’s been having a rough couple of weeks.
A researcher looking into the attacks that knocked Twitter offline last week discovered another, unrelated security problem.
At least one criminal was using a Twitter account to control a network of a couple hundred infected PCS, mostly in Brazil. Networks of infected PCs are referred to as “botnets” and are responsible for online problems from identity theft to spamming to the types of attacks that crippled Twitter.
Jose Nazario with Arbor Networks said he found a Twitter account that was used to send out what looked like garbled messages. But they were actually commands for computers in a botnet to visit malicious Web sites, where they download programs that steal banking passwords.
The affected Twitter account was taken down.
Nazario said what appeared to be the same person was doing the same thing on an account with a Google Inc service called Jaiku, which is similar to Twitter.
Google said the affected account was shut down.
The technique Nazario described isn’t sophisticated, and a couple hundred infected computers is small when some botnets contain hundreds of thousands of infected PCs.
But it shows how criminals are finding inventive ways to exploit legitimate social networking services to help with their dirty work.
One reason social networks are an attractive target for crooks is because their content is hard to monitor, and because people click on lots of links inside their accounts, which is a key way computer infections are spread.
“I wouldn’t call it rocket science, but it’s effective,” Nazario said. “This is the problem with free social media that people need to be aware of.”
The revelation comes on the heels of a destructive “denial-of-service” attack that brought down Twitter at stretches last week. Those attacks appear to have targeted a lone blogger in the former Soviet republic of Georgia, but affected the entire Twitter service.
Denial-of-service attacks consist of flooding a Web site with so much traffic that its servers buckle under the strain. That’s either done by pounding it with an immense volume of traffic (which can be easy to thwart), or increasingly, hammering a site with lots of hard-to-detect computing-intensive requests, like trying to log in or do searches, which can bring a site to its knees. Botnets, or networks of zombie computers, are the main weapon in both attacks.
WASHINGTON’S INCENTIVES: The CHIPS Act set aside US$39 billion in direct grants to persuade the world’s top semiconductor companies to make chips on US soil The US plans to award more than US$6 billion to Samsung Electronics Co, helping the chipmaker expand beyond a project in Texas it has already announced, people familiar with the matter said. The money from the 2022 CHIPS and Science Act would be one of several major awards that the US Department of Commerce is expected to announce in the coming weeks, including a grant of more than US$5 billion to Samsung’s rival, Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), people familiar with the plans said. The people spoke on condition of anonymity in advance of the official announcements. The federal funding for
HIGH DEMAND: The firm has strong capabilities of providing key components including liquid cooling technology needed for AI servers, chairman Young Liu said Hon Hai Precision Industry Co (鴻海精密) yesterday revised its revenue outlook for this year to “significant” growth from a “neutral” view forecast five months ago, due to strong demand for artificial intelligence (AI) servers from cloud service providers. Hon Hai, a major assembler of iPhones that is also known as Foxconn, expects AI server revenues to soar more than 40 percent annually this year, chairman Young Liu (劉揚偉) told investors. The robust growth would uplift revenue contribution from AI servers to 40 percent of the company’s overall server revenue this year, from 30 percent last year, Liu said. In the three-year period
LONG HAUL: Largan Energy Materials’ TNO-based lithium-ion batteries are expected to charge in five minutes and last about 20 years, far surpassing conventional technology Largan Precision Co (大立光) has formed a joint venture with the Industrial Technology Research Institute (ITRI, 工研院) to produce fast-charging, long-life lithium-ion batteries for electric vehicles, mobile electronics and electric storage units, the camera lens supplier for Apple Inc’s iPhones said yesterday. Largan Energy Materials Co (萬溢能源材料), established in January, is developing high-energy, fast-charging, long-life lithium-ion batteries using titanium niobium oxide (TNO) anodes, it said. TNO-based batteries can be fully charged in five minutes and have a lifespan of 20 years, a major advantage over the two to four hours of charging time needed for conventional graphite-anode-based batteries, Largan said in a
Taiwan is one of the first countries to benefit from the artificial intelligence (AI) boom, but because that is largely down to a single company it also represents a risk, former Google Taiwan managing director Chien Lee-feng (簡立峰) said at an AI forum in Taipei yesterday. Speaking at the forum on how generative AI can generate possibilities for all walks of life, Chien said Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) — currently among the world’s 10 most-valuable companies due to continued optimism about AI — ensures Taiwan is one of the economies to benefit most from AI. “This is because AI is