Menu
This Android botnet relies on Twitter for its commands

This Android botnet relies on Twitter for its commands

The malware's developer is substituting Twitter accounts for a control server

Twitter users aren’t the only ones checking the microblogging service for important updates. Android malware is starting to do so, too.

One maker of Android malware is using Twitter to communicate with infected smartphones, according to security firm ESET.

The company discovered the feature in a malicious app called Android/Twitoor. It runs as a backdoor virus that can secretly install other malware on a phone.

Typically, the makers of Android malware control their infected smartphones from servers. Commands sent from those servers can create a botnet of compromised phones and tell the malware on all the phones what to do.

The makers of Android/Twitoor decided to use Twitter instead of servers to communicate with the infected phones. The malware routinely checks certain Twitter accounts and reads the encrypted posts to get its operating commands.

Lukas Stefanko, an ESET researcher, said in a Wednesday blog post that this was an innovative approach.  It removes the need to maintain a command and control server, and the communications with the Twitter accounts can be hard to discover.

“It’s extremely easy for the crooks to re-direct communications to another freshly created account,” he said.

ESET said this was first Twitter-controlled Android botnet it had ever found. Windows-based botnets using Twitter have been around since at least 2009.

ESET said Android/Twitoor hasn’t been detected in any app stores, so it probably spreads through malicious links sent to the victim. The malware pretends to be a porn player or multimedia messaging app, and it’s only been active for about a month.

So far, Android/Twitoor has been found downloading versions of mobile banking malware to users’ phones.

“In the future, we can expect that the bad guys will try to make use of Facebook statuses or deploy LinkedIn and other social networks,” Stefanko added.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments