Twitter + Pastebin = malware update
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Twitter + Pastebin = malware update | |
|---|---|
| Botnet | Sninfs |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | Twitter, Paste-platform |
| Date | 2009 / 2009-08-17 |
| Editor/Conference | Symantec |
| Link | http://www.symantec.com/connect/blogs/twitter-pastebin-malware-update (Archive copy) |
| Author | Patrick Fitzgerald |
| Type | Blogpost |
Abstract
“ Debian.net and Rifers.org are both legitimate sites and it was a little surprising to see them both in this context. A closer look shows that both of these URLs seem to be using the pastebin feature of the Debian and Rifers sites. Pastebins give Web users the ability to upload arbitrary text in order to share information. Pastebins exist on many sites across the Internet and any one of these sites could have been selected by the attackers in order to host their malicious payloads. It’s likely the Debian and Rifers sites were selected because of the trust associated with their brand. There is little these sites can do to mitigate this type of misuse of a legitimate service provided by their sites.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2009BFR2222,
editor = {Symantec},
author = {Patrick Fitzgerald},
title = {Twitter + Pastebin = malware update},
date = {17},
month = Aug,
year = {2009},
howpublished = {\url{http://www.symantec.com/connect/blogs/twitter-pastebin-malware-update}},
}