Sign up to our newsletter
The latest security news direct to your inbox
Juraj Malcho, the Head of our Lab in Bratislava, reports that there have been further developments regarding the tool for creating Twitter-controlled bots described by Jorge Mieres and Sebastián Bortnik, Security Analysts at ESET Latin America, in an earlier blog at http://www.eset.com/blog/2010/05/14/botnet-for-twits-applications-for-dummies.
As more information has come in, the detection name has been changed from MSIL/Agent.NBW to MSIL/Twebot.A, in an attempt to use a name that corresponds to one used by other vendors. Unfortunately, the industry has not standardized (no change there, then) on a single name (other names being used include Troj/Tbotcfg-A and Trojan.Twitbot.A), but at least this name should (slightly) reduce potential confusion among customers and others.
It also reflects the fact that this threat now looks like a significant malware family in its own right: a major MSIL/Twebot.B variant has already crawled out from under its rock.
David Harley CISSP FBCS CITP
Research Fellow & Director of Malware Intelligence
ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter:
ESET White Papers Page: http://www.eset.com/download/whitepapers.php
Securing Our eCity community initiative: http://www.securingourecity.org/
Also blogging at:
Author David Harley, ESET