A coder / hacker that specializes in building Twitter-controlled bots figured he could make a few extra bucks by selling his hacking skills to wannabe hackers. He created a tool that builds botnets, which is basically an automated program that lets a hacker control someone else’s computer and execute commands using Twitter. The most alarming part is how easy it makes it for anyone to create and launch a botnet, and even control a person’s computer without them ever knowing it’s happening.
Building a botnet is as simple as typing in a Twitter account name and pressing build, which will send commands to takover another computer through a tweet. You can even do it from you phone. Some of the commands that can be executed are:
VISIT*link.com* (The attacker can add a 0 at the end to repeatedly open a weblink in an “invisible” manner, or a 1 if they want to pop open a website for giggles on the infected PC).
.DDOS*IP*PORT (This is a UDP attack).
.SAY* (This one takes advantage of the text to speech feature on a Windows machine, babbling a phrase of choice at the confused victim).
.DOWNLOAD*link.com/file.exe* (The attacker can add a 0 at the end to download, or a 1 if they want to download and execute a file).
.STOP (This will tell the Bots to cease their activities).
.REMOVEALL (This cuts the connection between bot and Twitter account).
However, by using one of these bots, the hackers leave themselves extremely exposed because it makes it easy to find who is sending out the attack. All you have to do is search for one of the commands and find exactly who is sending them out.
It’s speculated that Twitter will respond by identifying this problem and figuring out a way to prevent it in the future.