

Found: Bitcoin mining bot that is controlled via Twitter - FSecurePal
http://www.f-secure.com/weblog/archives/00002207.html

======
wccrawford
If you were designing something illegal and profitable, would you use a third
party's site to control your system? Why would you give them the power to shut
you down? It's not like it's hard... The messages follow a pattern. They have
to be easy to find.

~~~
owenmarshall
Traffic from random IPs will be spotted and investigated.

C&C over a known service like Twitter, Facebook, etc. is not -- I'd be more
likely to assume it's legitimate traffic and not investigate.

What's really surprising is that the bot authors didn't even make a naive
attempt to disguise its purpose. Perhaps that shows that this C&C pattern
works really well and is not often detected.

