Hackers continue to innovate and cause trouble for businesses of all industries and sizes. One of the more interesting recent tactics includes utilizing a malicious Twitter account to command a botnet of Android devices to do its bidding. Twitoor is considered to be the first real threat to actively use a social network in this manner, making this a major cause for concern.Twitoor is an app that, when installed, places a Trojan on the Android device that receives commands from a central Twitter account. Twitoor can download and install malicious applications, steal data, and switch between alternative command-and-control Twitter accounts. Since you can’t find Twitoor on the Google Play store, it’s thought that it spreads through downloading via a malicious link and “side-loading” it onto a device.
Once Twitoor has been installed on the device, it becomes a part of a botnet. Botnets are commonly used by cyber criminals to spread the influence of their malware across multiple devices. The idea is to infect as many devices as possible by creating “zombie-bots,” or devices that are enslaved and forced to adhere to the hackers’ commands. These networks are capable of performing actions that singular devices cannot, like initiate DDoS attacks. Normally, a typical botnet can leave behind signs of its origins (where it’s receiving commands from), which security professionals can use to find the source of the botnet. They can then shut down the server issuing the commands, but in the case of Twitoor, it’s a bit more complicated.
The problem with Twitoor is that its devices receive commands from a Twitter account that’s always changing. This helps it to avoid detection. ZDNet explains further measures taken by the message to avoid detection: “Those behind the malware have also taken additional steps to safeguard Twitoor, including encrypting messages to further obfuscate their activities.” This makes Twitoor more difficult to destroy at its roots than a typical botnet.
Criminals are adapting their approaches to hacking in an attempt to innovate and explore new opportunities, and Twitoor is the perfect example of this. You always need to be aware of all types of threats, not just traditional ones. We recommend that you reach out to ActiveCo Technology Management for assistance with securing your organization’s network security. This includes mobile devices like smartphones, tablets, and laptops.
In particular, a mobile device management solution can help your organization keep tabs on its mobile devices. You can secure your devices through whitelisting and blacklisting apps, limiting access to sensitive data, and remotely wiping devices that are in danger of being compromised or infection. These preventative measures are designed to mitigate risk, which is an essential part of working with technology solutions.
To learn more, reach out to us at 604.931.3633.