Russian police patrol Moscow following protests about irregularities during Russia's recent parliamentary elections. Photo Credit: Corbis
As the protests in Russia demanding new parliamentary elections mount, Twitter-based chatter about them is being drowned out by PCs hijacked by hackers, say security experts.
The pro-government messages were generated by thousands of Twitter accounts that had little activity beforehand. The hashtag is #???????????? (Triumfalnaya), the name of the square where many protesters gathered.
PHOTOS: Hackers Playbook: Common Tactics
Maxim Goncharov, a senior researcher at security firm Trend Micro, told the BBC that the attack was likely from a botnet, a network of computers that has been taken over by a hacker or hackers via a piece of malware. The malware duplicates itself across many machines, and often operates without the owner of the PC being aware of it.
Brian Krebs, the author of the blog Krebs on Security, noted that the ‘bot accounts – he lists them here – appear to follow a single account (called @master_boot), as well as following each other. The accounts were also all created in July of this year. Besides pro-government tweets many of the messages are gibberish.
Krebs told Discovery News that this isn’t the only time such attacks have been used – he himself was the victim of one soon after he posted his story about the Twitter attack on the protesters. “I got more than 1,500 new followers, all bots. After I tweeted about this fact, whoever was controlling them started flooding my twitter feed with ‘sorry’ replies and random Russian proverbs. I ended up having to spend an hour or so deleting all of these bogus followers, unable to do real work or respond to legitimate followers and readers.”
BLOG: Anonymous Hackers vs. Mexican Drug Cartel
Getting the software for such attacks isn’t that hard, either. One comment on Krebs’ blog noted that for about $150 one can get the automated Twittering software, and a “Twitter blasting machine” totals about $300.
The defenses against automated account registration are starting to crack as well. Although many companies use Captcha, for example, to test whether an account is being registered by a person or a comment left by a spambot, some malicious hackers are simply hiring the work out to crowds of people.
Social networks are becoming an increasingly important stage for conflict between governments and their people. Occupy Wall Street has made effective use of Tumblr, and protests in Egypt were often organized using Twitter and Facebook.
No comments:
Post a Comment