[Update: Alex Matrosov has posted screenshots of the Twebot update at http://twitpic.com/1ousmx and http://twitpic.com/1ouse5.]

Juraj Malcho, the Head of our Lab in Bratislava, reports that there have been further developments regarding the tool for creating Twitter-controlled bots described by Jorge Mieres and Sebastián Bortnik, Security Analysts at ESET Latin America, in an earlier blog at http://www.eset.com/blog/2010/05/14/botnet-for-twits-applications-for-dummies.

As more information has come in, the detection name has been changed from MSIL/Agent.NBW to MSIL/Twebot.A, in an attempt to use a name that corresponds to one used by other vendors. Unfortunately, the industry has not standardized (no change there, then) on a single name (other names being used include Troj/Tbotcfg-A and Trojan.Twitbot.A), but at least this name should (slightly) reduce potential confusion among customers and others. 

It also reflects the fact that this threat now looks like a significant malware family in its own right: a major MSIL/Twebot.B variant has already crawled out from under its rock.

David Harley CISSP FBCS CITP
Research Fellow & Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter:
http://twitter.com/esetresearch; http://twitter.com/ESETblog
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/

Also blogging at:
http://amtso.wordpress.com/
http://avien.net/blog
http://blogs.securiteam.com
http://blog.isc2.org/
http://macvirus.com/
http://chainmailcheck.wordpress.com
http://smallbluegreenblog.wordpress.com/