People ask me all the time: as an advanced APT, how would you persist, avoid detection, and do you think that technique is actively used currently? Nah, they don't, and if they did I would ask them to leave me alone. I did have some random thoughts about it in the shower though.
A simple example is cryptolockers... hey, we already have BitLocker for that; change some settings, maybe inject a little code, and you will avoid detection, antivirus, etc.
But what about persistence? Well, why not reuse the built-in kernel-mode executing virtual machines? There is even one intended for obfuscation of the code's execution. By transforming code into Warbird bytecode and injecting it in a place like Authenticode validation, you get it all.
Obscurity, evasion of AV and persistent execution. But what about stuff like C&C, surviving reboots, etc.? Well, the filtering platform could be a fit for that: kernel mode, interpreted and obscure. You could survive reboots as an, ummm, firewall rule, I guess?
You can intercept and inject traffic into the network as you want, bypassing other filters, AV, endpoints, etc., while not being listed as a loaded driver nor as a running exe/dll in any list that could be inspected. Few people would even know how to approach detection of such a beast.