Cybercriminals control malware via twitter
In these days, you can scroll through a whole page in your news feeds without meeting at least one meme.
They’re everywhere and not just posted to get a chuckle.
Image: Trend MicroIMAGE: TREND MICRO
Probably you know that memes played a role in the interference of the 2016 elections. Memes are now apparently used as a steady way to send commands to computers infected with malware.
Trend Micro researchers identified a Twitter account that hides messages within images-a technique called steganography. The account was created in 2017, but until two months ago it was mainly idle. It was when the memes of Matrix Morpheus appeared.
Although it is not unusual for criminal hackers to use popular websites such as Twitter, Google Docs or Pastebin as a kind of remote control for their malware, stenography is an interesting twist in this case. A mixture of text may raise suspicions, but a meme will probably not raise too many eyebrows.
After finding a new strain of malware, the trend has observed an unexpected interaction with this account. The Trojan started to monitor the Twitter feed for updates when it was activated on an infected machine. The images contained hidden ” print ” commands that told the Trojan to capture a screen and return it to its criminals. This is a trick malware creators use if they want to steal their victims ‘ usernames, passwords and credit card details.
The Trojan also has other skills. It can retrieve a list of files from an infected computer, see which programs are running, find out who’s logged in on the computer and capture any data copied to the clipboard.
There are indications that the malware has not yet been fully baked. Whoever is behind this new Trojan can still be fine tuning, so we probably haven’t heard the last of this meme machine for malware.