Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

Android Botnet Relies on Twitter for Commands

Accepted submission by Arthur T Knackerbracket at 2016-08-25 08:19:35
Mobile

Story automatically generated by StoryBot Version 0.2.0a (Development).

Note: This is the complete story and will need further editing. It may also be covered by Copyright and thus should be acknowledged and quoted rather than printed in its entirety.

FeedSource: [ComputerWorld] collected from rss-bot logs

Time: 2016-08-25 01:00:39 UTC

Original URL: http://www.computerworld.com/article/3112305/security/android-botnet-relies-on-twitter-for-commands.html [computerworld.com] using UTF-8 encoding.

Title: Android botnet relies on Twitter for commands

--- --- --- --- --- --- --- Entire Story Below --- --- --- --- --- --- ---

Android botnet relies on Twitter for commands

Arthur T Knackerbracket has found the following story [computerworld.com]:

Twitter users aren't the only ones checking the microblogging service for important updates. Android malware is starting to do so, too.

One maker of Android malware is using Twitter to communicate with infected smartphones, according to security firm ESET.

The company discovered the feature in a malicious app called Android/Twitoor. It runs as a backdoor virus that can secretly install other malware on a phone.

Typically, the makers of Android malware control their infected smartphones from servers. Commands sent from those servers can create a botnet of compromised phones and tell the malware on all the phones what to do.

The makers of Android/Twitoor decided to use Twitter instead of servers to communicate with the infected phones. The malware routinely checks certain Twitter accounts and reads the encrypted posts to get its operating commands.

Lukas Stefanko, an ESET researcher, said in a Wednesday blog post [welivesecurity.com] that this was an innovative approach.  It removes the need to maintain a command and control server, and the communications with the Twitter accounts can be hard to discover.

"It's extremely easy for the crooks to re-direct communications to another freshly created account," he said.

ESET said this was first Twitter-controlled Android botnet it had ever found. Windows-based botnets using Twitter have been around [arbornetworks.com] since at least 2009.

ESET said Android/Twitoor hasn't been detected in any app stores, so it probably spreads through malicious links sent to the victim. The malware pretends to be a porn player or multimedia messaging app, and it's only been active for about a month.

So far, Android/Twitoor has been found downloading versions of mobile banking malware to users' phones.

"In the future, we can expect that the bad guys will try to make use of Facebook statuses or deploy LinkedIn and other social networks," Stefanko added.


Original Submission