    Twitter suffered service problems from hacker attacks on Thursday.

    Users of the micro-blogging service Twitter are used to seeing the fail whale, a graphic that appears when the service’s capacity is overloaded. During the denial-of-service (DoS) attack, however, the site was left completely unreachable for around 90 minutes. This means a hacker used a herd of infected computers to send communication requests that overwhelmed its servers. At the same time, a terse message on the site’s status blog said it was down. A while later, it added, “We are defending against a DoS attack and will update our status again shortly.”

    Facebook and other social networking sites appeared to have been affected by Twitter’s shutdown, as the latter runs applications through these sites. As such, there was speculation that the glitches were related.

    This is not the first time that Twitter has fallen prey to cybercriminal attacks. The following blog posts point out just some of the recent attacks on the sites:

    Because Twitter is one of the fastest-growing Internet companies today, it is not surprising that companies use its services to learn more about their prospective employees and keep in touch with their clients. In fact, Twitter’s number of unique visitors worldwide reached 44.5 million in June, up 15-fold year over year, according to comScore data. As such, companies that rely heavily on the site’s services may incur losses due to this most recent attack.

    There is speculation that the attack was not a botnet-style distributed DoS (DDoS) attack. According to The Register, the torrent of traffic that brought the site down resulted from myriads of people clicking, at the same time, a link in spammed messages referencing a well-known blogger called Cyxymu. The messages contained links to Cyxymu’s Twitter, Facebook, LiveJournal, and YouTube accounts, all of which have been reported to receive abnormal amounts of traffic. The theory was backed by an article from CNET News, which quoted Facebook’s chief security officer as saying the attacks targeting multiple websites all contained traffic linking to accounts held by Cyxymu.

    A few days after the attack, several theories as to who and what were behind the Twitter attack surfaced. But the prevailing theory, according to Brian Krebs, “suggests that the outage was due to a cyber skirmish stemming from simmering tensions between Russia and Georgia.”

    News sites CNET News and CNN opine that “the outage at Twitter (and to a lesser extent Facebook and LiveJournal) was due to an effort to silence an anti-Russian blogger from Tbilisi who has been calling attention to a recent resurgence of tensions in the region.”


    • Bubbles

      The experts are off base as usual. The attacks against Cyxymu were routed through compromised web hosting servers and compromised personal computers. The command and control targeted Cyxymu and the zombied personal PCs and compromised web hosting servers all started making requests against Cyxymu’s web pages.

      How in the h*ll are these botnets ever going to get dismantled when the experts are so far off in left field with their guesses and speculations?

      Let the experts have the IPs of the traffic that targeted Cyxymu’s web pages. Run those IPs against a whois and see how many lead to web hosting providers (where compromised web sites will be found) – and see how many lead to compromised high speed internet users (where the Internet Service Providers are completely asleep regarding the malicious traffic being poured out of compromised personal computers of end users).

      Come on people. Figure it out. I am tired of hearing misdiagnosis of the origins of these attacks. And we need to start dismantling these botnets by force, if necessary, if incompetent hosting providers are unable to monitor anomalies in the outbound traffic originating from web sites or web servers within their company’s allocated IP ranges.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice