Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
Network Security
Tame your scariest paperwork. Find Out How
Average Rating:
Rate this article:  
Skype Messages Link to Malware, Make  PCs Bitcoin Slaves
Skype Messages Link to Malware, Make PCs Bitcoin Slaves

By Jennifer LeClaire
April 5, 2013 2:34PM

    Bookmark and Share
"I think some people overthink the motivation and actions of 'bad guys,' " said security expert Alex Horan. "Yes, there are absolutely skilled people doing this type of activity explicitly on behalf of their nation or government....But there are a lot more people just out there to make a buck." The latest is targeting Skype with malware to turn PCs into slave Bitcoin generators.
 



Skype users beware. Malware is targeting your favorite messaging app. Kaspersky is sounding the alarm this week with back-to-back posts about malicious campaigns on Skype.

One is a campaign that presents a malicious URL. The other uses its victim's machine to mine Bitcoins. Both are serious, but the second attack is getting major media attention.

Dmitry Bestuzhev, a Kaspersky Lab expert, on Thursday pointed out an infection vector via social engineering that's abusing infected Skype accounts by massively sending messages to contacts, with a link to a photo and the sentence, "I don't think I will ever sleep again after seeing this photo."

A Slave to Bitcoin

"Goo.gl short URL service shows that at the moment there are more than 170k clicks on the malicious URL and only 1 hour ago there were around 160k clicks," Bestuzhev said. "It means the campaign is quite active with around 10k clicks per hour or with 2.7 clicks per second!"

But most of the victims are from Russia and the Ukraine so far. Hours later, Bestuzhev turned his focus to the Bitcoin malware that's trending in Google News. He said it's a similar campaign in terms of propagation but different in terms of origins and purposes. Average clicking is also high, with more than 2,000 clicks per hour. Most of the potential victims live in Italy, followed by Russia, Poland, Costa Rica, Spain, Germany and Ukraine.

"Once the machine is infected it drops to the system many other pieces of malware. Downloads come from the Hotfile.com service. At the same time the malware connects to its C2 server located in Germany," Bestuzhev wrote in a blog post. "So what does malware do? To be honest many things but one of the most interesting is it turns the infected machine to a slave of the Bitcoin generator. The usage of CPU grows up significantly."

Cyber Economics

Alex Horan, a senior product manager at Core Security, said this is simple economics: How much does it cost to rent a large group of machines from a botnet herder? And how much money can I make in that period of time via Bitcoin? If the amount of money to be made is higher than the money to be spent, he said, then you are in business.

"I think some people overthink the motivation and actions of 'bad guys.' Yes, there are absolutely skilled people doing this type of activity explicitly on behalf of their nation or government -- or without explicit instructions, but with patriotic zeal," Horan told us. "But there are a lot more people just out there to make a buck. And if the scam du jour is Bitcoin harvesting via compromised machines then you can expect to see a lot of people -- of varying skill levels -- trying this out."

So how do you stop this? Horan said you can stop Bitcoin the same way you stop most other crimes -- stop it from being profitable.

"If paper money was so simple that you could not tell the difference between a photocopied note and a real one, a lot more people would be photocopying money," he said. "But creating passable counterfeit money requires a significant investment. Bitcoin needs to create some kind of equivalent, some way to distinguish between the actions of a machine that is being enslaved into work vs. those machines that have actively chosen to participate."
 

Tell Us What You Think
Comment:

Name:



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Network Security
1.   Wall Street Journal Hacked Again
2.   Dropbox for Business Boosts Security
3.   Banks Hit by Android-Skirting Malware
4.   New Technology Defeats Privacy Efforts
5.   Juniper DDoS for High-IQ Networks


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
New Technology Defeats Privacy Efforts
Study identifies 3 browser techniques.
Average Rating:
Banks Hit by Android-Skirting Malware
34 institutions, four European countries
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Wall Street Journal Hacked Again
Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports that the computer systems housing some of its news graphics were breached. Customers not affected -- yet.
 
Dropbox for Business Beefs Up Security
Dropbox is upping its game for business users. The cloud-based storage and sharing company has rolled out new security, search and other features to boost its appeal for businesses.
 
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 

Enterprise Hardware Spotlight
Microsoft Makes Design Central to Its Future
Over the last four years, Microsoft has doubled the number of designers it employs, putting a priority on fashioning devices that work around people's lives -- and that are attractive and cool.
 
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | CRM Systems | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.