02 October 2016

Firm issues alert over virus operated Twitter account

Cybersecurity is facing a new threat in the form of Twitter-operated malware known as Twitoor, Lukáš Štefanko, the ESET anti-virus malware researcher who discovered the malicious app, has said.

What makes Twitoor more dangerous is the difficulty in tracing (and stopping once activated) the Twitter account that issues the commands.

Unlike traditional malware that operates out of command-and-control servers, Twitoor hides in the system and regularly checks for instructions from the maliciously registered Twitter account.

A trend that Štefanko noted in the instructions includes downloads of banking malware to mine and act on account details without owners’ knowledge.

“These communication channels are hard to discover and even harder to block entirely,” Štefanko said. He said it is easy for the crooks to re-direct communications to another freshly created account if one Twitter account is discovered.

The programme is delivered in the traditional form of a website link that impersonates a porn site, a trend that saw more than 50,000 accounts on Facebook compromised in one day in 2015.

The malicious URLs play on users’ curiosity and, once activated by a click, issue commands ranging from a change of access to downloading other malware, forming a network of compromised computers known as a botnet.

Štefanko recommends avoiding suspicious URLs or multimedia messages altogether as the best course of action, as the malware can also be delivered as an SMS.
