• Subscriber/Sign In
  • Register
  • About Us
isssource.com
  • Home
  • Register
  • News
    • Careers
    • Government
    • Incidents
    • Industry Voices
    • Products and Services
    • Sending it Your Way
    • Technology Update
    • Views
  • Research
  • Events
  • Login
  • Lost Password
  • Training & Certification
  • White Papers
  • Subscribe Now
  • Archives

Breaking News

  • FDA to Hike Medical Device Security
  • Teen who Hacked CIA, DHS Heads gets 2 Years
  • Siemens Mitigation Plan for Simatic App
  • Chemicals Leak at DE Refinery
  • Microsoft Engineer Charged with Money Laundering
  • Schneider Software Plan for InduSoft, InTouch Hole
  • Schneider Updates its Triconex Tricon
  • Rockwell Plan on Stratix Services Router Fix
  • Rockwell Updates Stratix, ArmorStratix Switches
  • Rockwell Mitigation Plan for Ethernet Switch
  • U.S., UK OT Alert on Russians Hackers
  • PAS: Safety System Attack Preventable
  • Balchem Feeds off SHARP
  • Cybersecurity Framework Version 1.1 Released
  • New Alloy Boosts Nuclear Safety
  • Moxa Clears Router Holes
  • Read More

Chemical Safety Incidents

White Papers

  • A Year in Vulnerabilities
  • A Year in Threats
  • Year in Hunting and Responding
  • Finding the Competitive Edge
  • Going Digital
  • Visibility Leads to Knowledge
  • Tips to SCADA Security
  • Read More

Sending it Your Way

  • exida Explains
  • ABB: Process Automation Insights
  • Joel Langill: SCADAhacker
  • [In] Security Culture
  • Eric Byres: Practical SCADA Security
  • Department of Homeland Security
  • Jim Cahill
  • Dale Peterson
  • Industrial Defender
  • Wurldtech
  • Read More

Android Botnet Uses Twitter for C&C

Monday, August 29, 2016 @ 01:08 PM gHale

There is an Android backdoor that connects to a Twitter account instead of a command and control (C&C) server, researchers said.

Android/Twitoor is able to download other malicious applications onto the infected devices and has been active for around a month, said researchers at ESET. The threat isn’t spreading through official Android storefronts, but through SMS or malicious URLs sent to its victims.

RELATED STORIES
Android Hit by Linux TCP Flaw
Fixing an Internet Security Threat
New Cache Attack for Android Devices
Wireless: 900M Android Devices Vulnerable

The backdoor is impersonating a porn player application or MMS program, but it does not present the functionality such software would normally have, ESET researchers said. After launching, the malware hides its presence on the infected device and starts checking a defined Twitter account at regular intervals for commands.

Depending on the commands it receives, the backdoor can either download malicious applications onto the compromised device or can switch to a different C&C Twitter account, researchers discovered.

“Using Twitter instead of command-and-control (C&C) servers is pretty innovative for an Android botnet,” Lukáš Štefanko, ESET’s malware researcher who discovered the malicious app, said in a post. “Twitoor serves as another example of how cybercriminals keep on innovating their business,”

ESET researchers said malware that turns devices into botnets requires communication with a C&C server to receive updated instructions, and this communication could raise suspicion from users. In addition, when these servers end up seized, they tend to disclose information about the entire botnet.

To ensure Twitoor botnet’s communication is more resilient, the malware authors decided to encrypt the transmitted messages. They also used complex topologies of the C&C network and new communication methods, such as social networks.

Štefanko also said Twitoor is the first Twitter-based bot malware for Android.



Leave a Reply

Click here to cancel reply.

You must be logged in to post a comment.

« VMware Fixes Vulnerabilities
Attackers Target Enterprises Through Tool »

  • Home
  • Register
  • View Spotlight Article
  • News
  • Research
  • Events
  • Login
  • Lost Password
  • Training & Certification
  • White Papers
  • Subscribe Now
  • About Us
  • Archive
  • Sitemap
  • Careers
  • Government
  • Incidents
  • Industry Voices
  • Products and Services
  • Sending it Your Way
  • Technology Update
  • Views
Policies
Copyright © 2018 isssource.com
Powered by Magic Members Membership Software