Twitoor Is an Android Backdoor Trojan Controlled via Twitter

Security researchers discovered Twitoor, the first Trojan that affects Android smartphones. It is controlled remotely via malicious Twitter accounts that transmit control messages to the victim devices.

Twitoor Is a Threat to Android Users

Security researchers from ESET reported the discovery of Twitoor, a potent Android Trojan that is controlled via malicious Twitter accounts. Distribution is done through counterfeit MMS viewers and fake adult content players. These players are sent to unsuspecting users through spam campaigns and unofficial APK stores.

The Trojan activates immediately after a successful installation. Twitoor checks specific Twitter profiles for commands. The Trojan has the capability to create botnets out of the infected devices. The criminals have added the functionality to change the master control profile via messages.

This is the first time security researchers witness an Android Trojan that is controlled via Twitter. Malicious programmers have utilized the social network as a remote controller for desktop viruses, and this is a known technique, however, for mobile applications this is a novel idea. Other web services that have been used for such purposes include Dropbox, GitHub, Baidu and even Google Docs.

Specialists speculate that in the future we may see similar malware that is controlled via other social networks such as Facebook and LinkedIn.

Author : Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.


Related Posts