https://techcrunch.com/2018/12/17/malware-commands-code-twitter-hidden-memes/
By Zack Whittaker
TechCrunch.com
December 17, 2018
Security researchers said they’ve found a new kind of malware that takes
its instructions from code hidden in memes posted to Twitter.
The malware itself is relatively underwhelming: like most primitive remote
access trojans (RATs), the malware quietly infects a vulnerable computer,
takes screenshots and pulls other data from the affected system and sends
it back to the malware’s command and control server.
What's interesting is how the malware uses Twitter as an unwilling conduit
in communicating with its malicious mothership.
Trend Micro said in a blog post that the malware listens for commands from
a Twitter account run by the malware operator. The researchers found two
tweets that used steganography to hide "/print" commands in the meme
images, which told the malware to take a screenshot of an infected
computer. The malware then separately obtains the address where its
command and control server is located from a Pastebin post, which directs
the malware where to send the screenshots -- 10/10 points for creativity,
that’s for sure.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
