Back to list

Simple Use of Twitter to Access World Class Malware Advice

Thursday 31, Jan 2019

Author – Mary-Jane Phillips
I had just finished a course on ransomware when Wanna Cry hit. This ransomware was not typical in the way it was delivered, so I spent time reading media articles and tweets about the ‘outbreak’. Experts on Twitter led me to Malware Tech’s botnet tracker which sadly, is not currently available.  At the time, I was able to see the map of Wanna Cry infections over time.  (Including in Australia).

I also saw the famous tweet from Marcus Hutchins of Malware Tech about the Wanna Cry ‘kill switch’ domain name being registered.  Mass media was much slower to report information than Twitter and was often incorrect.  So Twitter has become my source of information on rapidly spreading, malware. 

Now, I use malware events on Twitter to fine tune my feed of malware information.  This is the simple process. 

  • Find the relevant trending hash tags on Twitter.  E.g. #wannacry #wannacrypt or #expeta #expetya #notpetya or #bad rabbit #badrabbit ransomware
  • Scan through the tweets to see which ones get a large number of likes, re-tweets or comments (or are liked by experts).
  • Critically assess the tweets (E.g. Large numbers of comments can mean it is controversial).
  • Follow people that give you valuable information on the level of risk, prevention methods, short and long term fixes. (or whatever you are looking for in particular)
  • Think hard before clicking a link.  During an incident, a certain percentage of malicious links will appear.  People who care about the security of society will communicate as much information as possible within the tweet and not just have a hook for you to click.
  • Expand and refine your list with every malware incident. 
  • Identify your favourites.  (You will see who collaborates and who is marketing). 

I particularly like Hasherezade on reverse malware engineering.  She is scientific and has a great network of people she calls on for rapid help. 

With a relatively small amount of work over time, Twitter gives you fast access to a diverse range of experts on malware risk, as well as short and long term fixes. The method  would probably work for most areas in cybersecurity but it works particularly well for malware due to the speed of communication and collaboration required in the community.

Have a look to see the reverse malware experts I follow. This is the link to my Twitter profile. And please connect with me on LinkedIn.  I look forward to meeting you all.