Skip to content

S0302 Twitoor

Twitoor is a dropper application capable of receiving commands from social media.1

Item Value
ID S0302
Associated Names
Type MALWARE
Version 2.0
Created 25 October 2017
Last Modified 30 September 2020
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1476 Deliver Malicious App via Other Means Twitoor can install attacker-specified applications.1
mobile T1521 Standard Cryptographic Protocol Twitoor encrypts its C2 communication.1
mobile T1508 Suppress Application Icon Twitoor can hide its presence on the system.1
mobile T1481 Web Service Twitoor can be controlled via Twitter.1

References

Back to top