Twitter Bot Master
Jose Nazario of Arbor Networks found a botmaster account on Twitter. The account simply posted botnet commands as 64 bit encoded commands and the botnet zombies only had to follow the account using an RSS feed subscription. You can read all about it at Arbors blog here. I see no reason why this method wouldn’t work with other public posting methods such as membership only forums or even blogspot and wordpress posts. As I mentioned to Poppy who told me about this cyber story, I wonder if Twitter will use CAPTCHA for tweets now.
If I had to use CAPTCHA for tweets I wouldn’t bother.