Twitoor

Malware Profile Updated 3 months ago
Twitoor is a type of malware designed to harm computers and devices by exploiting their vulnerabilities. It is a Trojan that has been observed downloading various versions of mobile banking malware.

The designers of the Twitoor botnet took steps to make its communication more resilient, including encrypting their messages and using complex topologies of the C&C network. This included innovative means for communication, such as using social networks, which made Twitoor the first Twitter-based bot malware.

According to researchers, Twitoor posed a significant threat to Android devices. The malware was distributed through links in tweets containing commands or configuration files encrypted with a unique key. Once installed on a device, Twitoor could download additional malware and execute various malicious activities. Researchers noted that Twitoor's use of Twitter to communicate with its control servers made it harder to detect and block.

Overall, Twitoor represents an evolution in botnet design and highlights the need for continued vigilance against new and emerging threats. Its use of social media platforms like Twitter demonstrates the creative lengths to which malware creators will go to evade detection and pose a risk to users' devices and personal information.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Twitter
Trojan
Malware
Botnet
Android
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Twitoor Malware was read from the documents corpus below.
Source | Created At | Title
MITRE | a year ago | First Twitter‑controlled Android botnet discovered | WeLiveSecurity