Discover and read the best of Twitter Threads about #botnet

Most recents (14)

Threat Hunting In #CyberSecurity : Waiting for an alert can be too dangerous.
Threat hunting means to proactively search for malware or attackers that are hiding in your network — and may have been there for some time.
Most time, the goals of these malware or attackers can be to quietly siphoning off data, patiently listening in for confidential information, or working their way through the network looking for credentials powerful enough to steal key information.
Read 19 tweets
@ericgarland @JamesFourM @911CORLEBRA777 @LeslieMPozsonyi @thespybrief @LouiseMensch @MingGao26 "Alexa, this conspiracy isn't stupid enough yet..."

"Deep Stupid Protocols activated."

It's *worse* than you think.

*So* much worse.

How would you make #cryptocurrency even *more* useful to the .@FBI .@IRStaxpros .@USTreasury .@NSAGov?

*Funny* you should ask.
@ericgarland @JamesFourM @911CORLEBRA777 @LeslieMPozsonyi @thespybrief @LouiseMensch @MingGao26 @FBI @IRStaxpros @USTreasury @NSAGov If you're tracking #cryptocurrency back to criminal enterprises, foreign intel operatives/assets, etc, what could be more helpful than a large accumulation of accounts which can be examined under warrant, such as Coinbase?
.@FBI .@IRStaxpros .@USTreasury .@NSAGov
@ericgarland @JamesFourM @911CORLEBRA777 @LeslieMPozsonyi @thespybrief @LouiseMensch @MingGao26 @FBI @IRStaxpros @USTreasury @NSAGov Why yes: a swath of heretofore relatively undissected accounts apparently actively involved in large-scale fraud and currency manipulation, which can be searched under warrant - possibly *all* under warrant - to see how they were used.
.@FBI .@IRStaxpros .@USTreasury .@NSAGov
Read 15 tweets
Ran across an old #russian #Botnet used to boost the follower count on #KremlinTrolls. I don't think the bots tweeted much that was interesting and if they did they would have retweeted it, so it's long gone by now.
45,000 bots that i found so about 100k in this network.
The bots date back to 2013 when the internet research agency started their twitter botting operation.
I found them by looking at the followers of known IRA troll accounts.
@cyvuzumyxudo is an example.
this is one of the 1st IRA troll accounts.
they made thousands of these it mixes russian and english.

they tweeted about #Odessa

the "#EU The Ukrainian Interior Ministry lies"
used the hashtags:

#Russiainva
dedUkraine
and
#NATO
fsrjmJEMg4U
Read 12 tweets
@MollyMcKew @ManInTheHoody @sarahkendzior @MalcolmNance @WIRED @maxgmarshall @ParagonSci_Inc @Sysomos But if there *are* any coordinated attacks going on, then, with apologies to @MolllyMcKew, note that in the wake of Manafort flipping, the assorted #botnet hackers falling to the .@FBI, the #cryptocurrency map of crime & collusion, etc, this is a *great* time to be implicated.
@MollyMcKew @ManInTheHoody @sarahkendzior @MalcolmNance @WIRED @maxgmarshall @ParagonSci_Inc @Sysomos @FBI It's hard to overstate how important a cooperating Manafort becomes to unraveling, say, media subversion.

But let's start with Eric's documentation of media-influence operations & go from there.
.@FBI
@MollyMcKew @ManInTheHoody @sarahkendzior @MalcolmNance @WIRED @maxgmarshall @ParagonSci_Inc @Sysomos @FBI First, remember @ericgarland initially just released the public, executive summary of his research into *one* aspect of this - a consistent pattern of harassment in response to his original Game Theory thread.
.@FBI
Read 56 tweets
@ericgarland @911CORLEBRA777 @JamesFourM @thespybrief @patribotics @LouiseMensch @ninaandtito @DirkSchwenk @xtrixcyclex @colinkalmbacher @claytonpurdom @emzanotti @RoyBlunt @FBIWFO @NewYorkFBI @FBILosAngeles @INTERPOL_HQ @DHSgov It's hard to overstate how important a cooperating Manafort becomes to unraveling media subversion.

But let's start with Eric's documentation of media-influence operations & go from there.
@ericgarland @911CORLEBRA777 @JamesFourM @thespybrief @patribotics @LouiseMensch @ninaandtito @DirkSchwenk @xtrixcyclex @colinkalmbacher @claytonpurdom @emzanotti @RoyBlunt @FBIWFO @NewYorkFBI @FBILosAngeles @INTERPOL_HQ @DHSgov First, remember @ericgarland initially just released the public, executive summary of his research into *one* aspect of this - a consistent pattern of harassment in response to his original Game Theory thread.
@ericgarland @911CORLEBRA777 @JamesFourM @thespybrief @patribotics @LouiseMensch @ninaandtito @DirkSchwenk @xtrixcyclex @colinkalmbacher @claytonpurdom @emzanotti @RoyBlunt @FBIWFO @NewYorkFBI @FBILosAngeles @INTERPOL_HQ @DHSgov There are so many critical details to go over here.

One, the patterns were easily detected, & hard evidence could be found in abundance.

Two, Eric *didn't* stop with documenting & researching just that one piece.
Read 55 tweets
@ericgarland @20committee So, .@ericgarland gets a new kind of botnet targeting, & .@JamesFourM runs into issues w/his article on @Medium?

There was a warning about harassment & the countering release of evidence on the conspiracy.
.@FBI .@NSAGov .@DHSgov .@GCHQ
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ The warning: Any egregious harassment of Kremlin critics could release or expedite yet *another* major evidence source against the conspiracy.

While unpleasant, I think these two each warrant something modest… yet formidable.

& apropos.
.@FBI .@NSAGov .@DHSgov .@GCHQ
@ericgarland @20committee @JamesFourM @Medium @FBI @NSAGov @DHSgov @GCHQ So, Eric you brought up the agencies rating investments recently, as well as AIG, stock markets, etc.

What, you might ask, is so deadly about global finance & the conspiracy? Beyond the obvious flows of money & influence?
.@FBI .@NSAGov .@DHSgov .@GCHQ
Read 322 tweets
In conjunction with @SlickRockWeb, now let’s take a look at #WalkAway from a different perspective. Who’s the man behind the curtain, and who’s backing him? His name is Brandon Straka, know here as @UsMinority. Let’s get to know him a bit. #infosec #osint #psyops
Before #WalkAway took off (with surprising rapidity), Straka was a performance artist and stylist in New York. His most recent work appears to have been this show, showing his evolution away from #TheResistance. Here’s a link to the GoFundMe gofundme.com/resist-a-rock-…
His first announcement of the #WalkAway campaign was on May 26th. However, shortly after the dates of his show, on a Facebook post dated 10/27/17, we see the following exchange after a post about @TheEllenShow, which appears to be the first public use of the “walk away” idea.
Read 14 tweets
So for the first time in quite a while a newcomer hashtag had top spot on the #Hamilton68 Dashboard -- #walkaway. We remembered seeing this hashtag in the past few weeks but didnt really know what it was or follow up on it. #infosec #opsec dashboard.securingdemocracy.org
The background story on this hashtag #walkaway is a little strange & the number of bots, trolls, & fake testimonial promoting this hashtag is even stranger. Here's an example of a completely fake tweet highlighted by @daveweigel #opsec #infosec
We decided to look retrospectively at our own reverse engineered #Hamilton68 data. This is a wordcloud of 22893 tweets from our main Hamilton68 troll subset going from June 24th until now & #walkaway takes the #1 spot. #infosec #opsec
Read 31 tweets
Even if it's not connected, putting all of this on accessible computers whether at Cambridge Analytica or various #botnets was *beyond* foolish.

Signed confessions, video documentation, emails discussing in graphic detail *pale* compared to what they have.
It's one thing to have mountains of hard evidence re: crimes.

But the computers can literally detail every minute detail & action the felonies, & literally record the whole thing.

It's like preserving not just a recording of the crime, but the whole crime itself, in amber.
It's not just Cambridge Analytica's servers or whatever they were using for a supercomputer. #Botnets consist of thousands or even millions of computers, & you don't *own* them.

You're taking them over.

You don't own the servers you're networking over.
Read 18 tweets
Had a look at this #botnet
Found 450 accounts.
About half of them have their language set to 'ru'.
I have a twitter list of them here: twitter.com/josh_emerson/l…
newer bots on the left older ones on the right.
fair warning there my be a couple "false positives" due to people not being very smart and tweeting links to #http://votyus.me and #http://realusa.site
I have tried to eliminate them but haven't had a whole lot of time the last few days.
Read 14 tweets
After looking at what I though was a harmless marketing #botnet i have found yet another large set of #Russian bots or troll accounts.
This is part 2 of 3 of a larger set of bots, these have done what they needed to do and are now dormant(mostly)
pastebin.com/ikSP8QH0
to get the 740 accounts, I started with this small set of suspicious accounts. And pulled a list of their followers.
When you sort that list by account creation date you can see the patterns.
For example all these made on 5-29-2014
Read 17 tweets
ICYMI: Test Your #VPN's Anti #Phishing Protection .@planetscape .@ALT_uscis .@COPicard2017 .@IndivisibleNet #InfoSec
When #Ransomware 1st Appeared, .@FoolishIT Issued #CryptoPrevent - Is Free, Now Updated. Recommended! foolishit.com/cryptoprevent-… #InfoSec
Read 13 tweets
Bannon played WOW, no wonder... I'm sure he got the #PoolsClosed on #habbohotel back in 06'. #CyberWarfare wired.com/2016/09/trumps…
#4Chan grew in notoriety after members plotted 'RAIDS' of a virtual internet chat game called #habbohotel where trolling became way of life.
Nazi symbology in a kid's game inevitably lead the developers to 'close the pool' in an effort to stop online trolls from creating a culture of hate online. I'd be interested to know if Bannon was apart of these raids. @FBIWFO @CIA @Cyber @dhsscitech
Read 21 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!