GOLANG – Trojan That Uses Twitter as a C&C server
GoAT (Golang Advanced Trojan) is a trojan made in Go, using Twitter as a the C&C server. GoAT has some very unique and impressive capabilities, including multi-threaded command execution and a sophisticated self defense rootkit module (written in C).
This tool can be used during a penetration testing project or a security awareness session to demonstrate how hackers use social networks to promote their bots. the idea that hacker will install the Trojan on several systems next he will be sending instruction to remote system over twitter.
The configuration file contain account information to be used on twitter and the time to check status by default this is set to 5 seconds. so the infected machine will be checking if there is a new command each 5 seconds.
some of the future enhancements are:
- Check for >1 running instance
- Rootkit: Prevent use and installation of antimalware/antivirus software
- Adding the following Commands:
- Send messagebox
You can download this tool over the following link: https://github.com/petercunha/GoAT