Twitter is being used for botnet command and control (C&C) purposes, according to new research from network security firm Arbor Networks.
Writing on the firm's official blog, senior security researcher Jose Nazario said he discovered a botnet which uses a Twitter account to send out status updates containing what appears to be a single line of indecipherable text.
However, once decoded the text actually points to links where the infected botnet machines can download more malicious code.
"Basically what it does is use the status messages to send out new links to contact, then these contain new commands or executables to download and run," wrote Nazario. "It’s an infostealer operation."
The account has now been shut down by Twitter, although Nazario warned that it's "just one of what appear to be a handful of Twitter C&C accounts".
In many ways Twitter is the perfect platform from which to control botnets, as it is able to withstand requests from hundreds of thousands of PCs, and has limited scanning capabilities to check for such activity, argued Graham Cluley, senior technology consultant at Sophos.
"Because no legitimate users followed this account, no one was likely to complain and call it spam," he added. "The only PCs looking for these instructions are the infected PCs."
Cluley argued that Twitter needs to take its scanning capabilities "up to a whole new level" in order to proactively prevent such activity in its accounts.
Why does Facebook store "my entire call history with my partner's mum", asks developer who requested his Facebook data
Facebook database included text-message metadata - despite not using Facebook Messenger for SMS
Before Ocado could start selling the technology it had developed to other retailers, it had to tear down and rebuild its own monolithic architecture
Successful attack could result in harm to patients and financial loss, warns NHS governing body
Guccifer 2.0 claimed to be a lone Romanian hacker - until a schoolboy error gave him, her or them away