The future of cyberattacks

[Dino A. Dai Zovi] gave a talk in the earlier part of 2010 where he shares his thoughts on the future of malicious exploits. You can watch it on Ustream and he’s also posted a set of slides (PDF) that goes along with it. We find the 48 minute video to be quite interested. Instead of going into mundane detail, he covers the broader picture; what has been done in the past, what will happen in the future, and how are we currently ill-equipped to respond to future threats? That last question is covered throughout the video, but seems to come back to the concept that we are stuck in a rut of terminology and past practice that is impeding our ability to innovate security strategies at the same rate that the bad guys are coming up with the next nasty thing to come down the pipeline.

Twitter as a botnet command center


The folks over at Arbor Networks were browsing Twitter and discovered something very strange: a Twitter account seemingly posting gibberish. At least, that’s how it appeared at first. Upon closer investigation, they discovered that the profile was posting base64 encoded links to PKZIP archives. When they extracted the contents and unpacked the contained DLL and EXE files, they discovered that the account was posing links to malware that would post user information back to certain URLs. The article was also updated to show that the scheme wasn’t limited to Twitter, but also affected users on Jaiku and Tumblr. It’s a bit scary to see that all malware isn’t as blatantly obvious as we usually would think it to be.