Leveraging social networking sites to gain control of user systems and make them part of botnets is no longer a new tactic. In recent research, we came across malware that uses a Twitter account to send out commands to the zombies of the new Mehika Twitter botnet.
But why are cybercriminals using a social networking site to send out commands to botnet zombies? The answer is quite simple. Using a social networking site does not require installing, configuring, and managing a command-and-control (C&C) server. Instead, posting messages to a specific account can instantly send out commands and instructions to zombies.
It is also interesting to note that since social networking sites have thousands or even millions of user profiles, locating a suspicious account is difficult, especially if cybercriminals take the time to cover their tracks.