Hackers attack Twitter, Facebook

Twitter, once derided as a frivolous way to tell friends what you are eating and when you're going to bed, has grown up - the hard way.

The cyber-attack that paralyzed the social networking service signaled that it had become big enough to attract the attention of malicious Internet hackers, who may have been motivated by

profit.

No one knows for sure who was behind the "denial of service" strike that crippled Twitter for hours Thursday, and which was also aimed at popular Internet properties Facebook, Google and possibly YouTube.

Speculation as to the perpetrators ran from bored teenagers to hackers for hire.

Several security experts said they saw the fingerprints of a sophisticated operation involving "botnets" - giant armies of personal computers that have been silently taken over by hackers, unbeknownst to their owners.

"Botnets are a very stable platform to engage in all sorts of cyber crime," said Thomas Holt, a professor at Michigan State University's school of Criminal Justice.

Jerry Dixon, former director of the National Cybersecurity Division at the Department of Homeland Security, said the perpetrators could be a group of hackers trying to show that they're capable of taking down a hugely popular social network.

"They are saying, 'Look what I'm capable of doing,' " Dixon said. "It's someone trying to make a name for themselves."

That could be for bragging rights or a more nefarious purpose. The hackers who crippled a service as prominent as Twitter could conceivably sell their skills.

"They would be like hit men, but with digital packets instead of bullets," said Dixon, now a security analyst with the nonprofit group Team Cymru.

Indeed, there have been instances of hackers being paid to take down sites.

In 2004, satellite TV retailer Jay Echouafni was indicted in federal court in Los Angeles on suspicion of paying to attack three online competitors. One of the hackers pleaded guilty, but Echouafni fled and is still at large, according to the FBI.

Security analyst Beth Jones of the Sophos company said one theory going around the security community was that the attack was caused by a botnet using a computer worm known as Koobface.

She doesn't think the worm was created for sport.

"This was no kid who wrote this," Jones said. "This was professionally written."

Once in place, the botnet could be used for underground commercial purposes, such as spreading vast amounts of spam e-mail.

A recent Sophos report said that nearly 90 percent of e-mails received by businesses are spam, although many are filtered out before they reach individuals.

A botnet works best when it's secret. Jones said this attack could be a case of a botnet going wild, perhaps because of a faulty update command.

Twitter's traffic and membership have exploded in the last year, rocketing to more than 45 million visitors worldwide, according to Web ratings firm ComScore Inc.

Twitter's trademark feature -- short messages of 140 characters or less that circulate at lightning speed through vast worldwide networks -- has made it a major source of communication for households, businesses and the media.

"For the people who use it, Twitter is becoming a primary alert system within the information economy," said Jay Rosen, a media professor at New York University. "When that alert system is down, it feels like the Web is broken."

The site has played a role in several high-profile news stories, including the recent upheaval over elections in Iran, where observers and protesters used the service to transmit updates. Before that, Twitter was a source of information about the terrorist attacks in Mumbai, India, and the origin of the first picture of a plane that landed in New York's Hudson River this year.

Just this week, the service was again in the news when Paula Abdul announced on her Twitter page that she was resigning from the hit Fox television show "American Idol."

Twitter said it was the victim of a "distributed denial of service" attack, a disruptive tactic in which outsiders attempt to overload a Web site with huge numbers of computer-generated requests. Those attacks are often generated by botnets.

Because sites have a limited capacity to handle incoming traffic, a deliberate deluge can cause servers to respond slowly to legitimate users, or not at all.

The attack was continuing as of early evening Thursday, though by that time much of the malicious traffic had been deflected, said Kazuhiro Gomi, chief operating officer of NTT America, the company that provides Twitter's Internet infrastructure.

Gomi said an attack capable of bringing down Twitter was "definitely one of the worst-case scenarios."