VERY IMPORTANT

Android/Twitoor is a backdoor capable of downloading other malware onto an infected device. It has been active for around one month. This malicious app, a variant of Android/Twitoor.A, can’t be found on any official Android app store – it probably spreads by SMS or via malicious URLs. It impersonates a porn player app or MMS application but without having their functionality. After launching, it hides its presence on the system and checks the defined Twitter account at regular intervals for commands. Based on received commands, it can either download malicious apps or switch the C&C Twitter account to another one.