Twitoor First Android Twitter-based Botnet
Security researchers at ESET uncovered the first android based botnet Twitoor, the communication in this botnet is using Twitter accounts. This type of malware is highly targeted because usually people store on the smartphone devices many sensitive and personal information.
Twitoor is not distributed over official channels such as google app but attacker will send it to victim over spam messages. Malware will start by checking twitter account for any instruction to be executed on victim device. Actions on the infected system by downloading another malicious apps or switch the C&C Twitter account to another one.
Twitoor hides all traces of its presence and begins to check Twitter for receiving further commands. In the future, the Trojan can download and install more dangerous applications such as banking Trojans to make income to cybercriminals.
“Twitoor serves as another example of how cybercriminals keep on innovating their business,” Stefanko continues. “The takeaway? Internet users should keep on securing their activities with good security solutions for both computers and mobile devices.” According to ESET
Twitter have been used for several years with windows based botnet but this is the first time to find an android based botnet using Twitter.