A new virus hits android…
Security researchers said they’ve found a new kind of malware that takes its instructions from code hidden in memes posted to Twitter.
The malware itself is relatively underwhelming: like most primitive remote access trojans (RATs), the malware quietly infects a vulnerable computer, takes screenshots and pulls other data from the affected system and sends it back to the malware’s command and control server.
What’s interesting is how the malware uses Twitter as an unwilling conduit in communicating with its malicious mothership.
Trend Micro said in a blog post that the malware listens for commands from a Twitter account run by the malware operator. The researchers found two tweets that used steganography to hide “/print” commands in the meme images, which told the malware to take a screenshot of an infected computer.
The malware then separately obtains the address where its command and control server is located from a Pastebin post, which directs the malware where to send the screenshots — 10/10 points for creativity, that’s for sure.
The researchers said that memes uploaded to the Twitter page could have included other commands, like “/processes” to retrieve a list of running apps and processes, “/clip” to steal the contents of a user’s clipboard and “/docs” to retrieve filenames from specific folders.
The malware appears to have first appeared in mid-October, according to a hash analysis by VirusTotal, around the time that the Pastebin post was first created. But the researchers admit they don’t have all the answers, and more work needs to be done to fully understand the malware.
It’s not clear where the malware came from, how it infects its victims or who’s behind it. It’s also not clear exactly what the malware is for — or its intended use in the future. The researchers also don’t know why the Pastebin post points to a local, non-internet address, suggesting it may be a proof-of-concept for future attacks.
Although Twitter didn’t host any malicious content, nor could the tweets result in a malware infection, it’s an interesting (although not unique) way of using the social media site as a clever way of communicating with malware. The logic goes that in using Twitter, the malware would connect to “twitter.com,” which is far less likely to be flagged or blocked by anti-malware software than a dodgy-looking server.
After Trend Micro reported the account, Twitter pulled the account offline, suspending it permanently. It’s not the first time malware or botnet operators have used Twitter as a platform for communicating with their networks. Even as far back as 2009, Twitter was used as a way to send commands to a botnet. And, as recently as 2016, Android malware would communicate with a predefined Twitter account to receive commands.
For the reason that the admin of this web page is working, no question very quickly it will be renowned, due to its quality contents.|
Hello I do consider all the ideas you’ve introduced to your post. They are very convincing and can certainly work. Still, the posts are very brief for starters.!!
For the reason that the admin of this site is working, no hesitation very shortly it will be famous, due to its quality contents.|
Thanks for sharing your thoughts about meta_keyword. Regards|
I think this is one of the most significant information for me. And i am glad reading your article. But should remark on some general things, The website style is wonderful, the articles is really excellent : D. Good job, cheers|
Thank you for the good writeup. It in fact was a amusement account it. Look advanced to more added agreeable from you! By the way, how could we communicate?|
Wonderful article! That is the type of information that are meant to be shared across the net. Shame on Google for no longer positioning this post higher! Come on over and consult with my web site . Thanks =)|
Hi, I do believe this is a great site. I stumbledupon it ? I may come back once again since I book marked it. Money and freedom is the greatest way to change, may you be rich and continue to help others.|
Thank you sir…?
Oh my goodness! Incredible article dude! Thanks, However I am having difficulties with your RSS. I don’t know why I am unable to subscribe to it. Is there anybody having the same RSS problems? Anyone that knows the solution can you kindly respond? Thanx!!|
http://mathsgee.com/qna/index.php?qa=user&qa_1=stanleykanstrup21
Hello! I know this is somewhat off topic but I was wondering if you knew where I could find a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having problems finding one? Thanks a lot!
Hi there, yeah this paragraph is truly pleasant and I have learned lot of things from it concerning blogging. thanks.|
Appreciate the recommendation. Let me try it out.|
That is really attention-grabbing, You are an overly skilled blogger. I have joined your feed and look forward to in the hunt for more of your great post. Additionally, I have shared your site in my social networks|
Wonderful items from you, man. I have bear in mind your stuff previous to and you are just too excellent. I actually like what you have received right here, certainly like what you are stating and the way in which in which you are saying it. You make it entertaining and you continue to take care of to stay it sensible. I can not wait to read much more from you. This is actually a great website.|
I’m really inspired together with your writing abilities as smartly as with the format in your weblog. Is this a paid topic or did you customize it yourself? Either way keep up the nice quality writing, it is uncommon to peer a great blog like this one these days..|
Thank you sir…?
I’d ought to talk to you here. Which isn’t some thing I usually do! I spend time reading a post that will make people believe. Also, many thanks for permitting me to comment!
Hi, I do believe this is a great site. I stumbledupon it ? I may come back once again since I book marked it. Money and freedom is the greatest way to change, may you be rich and continue to help others.|
Appreciate the recommendation. Let me try it out.|
I’d ought to talk to you here. Which isn’t some thing I usually do! I spend time reading a post that will make people believe. Also, many thanks for permitting me to comment!
Does your blog have a contact page? I’m having trouble locating it but, I’d like to shoot you an email. I’ve got some suggestions for your blog you might be interested in hearing. Either way, great website and I look forward to seeing it grow over time.|
Wonderful items from you, man. I have bear in mind your stuff previous to and you are just too excellent. I actually like what you have received right here, certainly like what you are stating and the way in which in which you are saying it. You make it entertaining and you continue to take care of to stay it sensible. I can not wait to read much more from you. This is actually a great website.|
If you desire to grow your familiarity just keep visiting this website and be updated with the most up-to-date news posted here.|
You need to take part in a contest for one of the finest websites on the net. I most certainly will highly recommend this website!|
That is really attention-grabbing, You are an overly skilled blogger. I have joined your feed and look forward to in the hunt for more of your great post. Additionally, I have shared your site in my social networks|
Wonderful blog! I found it while browsing on Yahoo News. Do you have any tips on how to get listed in Yahoo News? I’ve been trying for a while but I never seem to get there! Thank you|
https://ask.fm/palmhewitt19
For the reason that the admin of this site is working, no hesitation very shortly it will be famous, due to its quality contents.|
Thanks for sharing your thoughts about meta_keyword. Regards|
You need to take part in a contest for one of the finest websites on the net. I most certainly will highly recommend this website!|
Thanks designed for sharing such a fastidious thought, paragraph is fastidious, thats why i have read it fully|
Howdy! I simply wish to give you a big thumbs up for the excellent information you have right here on this post. I will be coming back to your website for more soon.|
Does your blog have a contact page? I’m having trouble locating it but, I’d like to shoot you an email. I’ve got some suggestions for your blog you might be interested in hearing. Either way, great website and I look forward to seeing it grow over time.|
Oh my goodness! an incredible article dude. Thanks Nonetheless I’m experiencing concern with ur rss . Don’t know why Unable to subscribe to it. Is there anybody getting an identical rss drawback? Anyone who is aware of kindly respond. Thnkx
Wonderful blog! I found it while browsing on Yahoo News. Do you have any tips on how to get listed in Yahoo News? I’ve been trying for a while but I never seem to get there! Thank you|
https://ask.fm/palmhewitt19
Thank you for the good writeup. It in fact was a amusement account it. Look advanced to more added agreeable from you! By the way, how could we communicate?|
Oh my goodness! Incredible article dude! Thanks, However I am having difficulties with your RSS. I don’t know why I am unable to subscribe to it. Is there anybody having the same RSS problems? Anyone that knows the solution can you kindly respond? Thanx!!|
http://mathsgee.com/qna/index.php?qa=user&qa_1=stanleykanstrup21
I think this is one of the most significant information for me. And i am glad reading your article. But should remark on some general things, The website style is wonderful, the articles is really excellent : D. Good job, cheers|
Wonderful article! That is the type of information that are meant to be shared across the net. Shame on Google for no longer positioning this post higher! Come on over and consult with my web site . Thanks =)|
Hello! I know this is somewhat off topic but I was wondering if you knew where I could find a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having problems finding one? Thanks a lot!
I’m really inspired together with your writing abilities as smartly as with the format in your weblog. Is this a paid topic or did you customize it yourself? Either way keep up the nice quality writing, it is uncommon to peer a great blog like this one these days..|
Hi there, yeah this paragraph is truly pleasant and I have learned lot of things from it concerning blogging. thanks.|
Thanks designed for sharing such a fastidious thought, paragraph is fastidious, thats why i have read it fully|
Hello I do consider all the ideas you’ve introduced to your post. They are very convincing and can certainly work. Still, the posts are very brief for starters.!!
Howdy! I simply wish to give you a big thumbs up for the excellent information you have right here on this post. I will be coming back to your website for more soon.|
Oh my goodness! an incredible article dude. Thanks Nonetheless I’m experiencing concern with ur rss . Don’t know why Unable to subscribe to it. Is there anybody getting an identical rss drawback? Anyone who is aware of kindly respond. Thnkx