Cyber Criminals Use Skype to Disseminate Malware
As per the security companies 'M86' and 'Trend Micro,' cyber criminals once again resort to the proven and promising methods for running their malware campaigns. They have discovered a new exploit that targets Skype users to spread malware wildly.
Both the companies highlight that the exploit utilizes a vulnerability in a Skype component -- EasyBits Extras Manager. Although the exploit was detected and fixed in October 2009, many users still run the older vulnerable versions.
The vulnerability is used by cyber criminals to install malicious files, including a ZBOT variant. Trend Micro has recognized this variant as TROJ_ZBOT.COC. Since a typical ZBOT variant steals users' personal information, especially online banking details, the discovered variant also performs the same task.
As per M86, different versions vulnerable to exploitation via the EasyBits Extras Manager Unspecified Vulnerability include - Skype Technologies Skype 184.108.40.206, Skype Technologies Skype 220.127.116.11, Skype Technologies Skype 4.1 .130, Skype Technologies Skype 18.104.22.168 and several other.
Commenting on the malware scam, Bradley Anstis, VP of Technology, M86 Security, said that on the basis of data collected, the campaign didn't appear to be exhaustive one. The scam represented an example of the issue of application fix. For a large number of users, the vulnerability was quite high compared to the reported because people often neglect to update the latest versions as they were launched in the market, as reported by zdnet on June 16, 2010.
Even more disturbing is the fact that both Trend Micro and M86 reported another malware scam. The second malware scam does not only directly impersonate Skype, but also part of spam mail series that serve client-side exploits attacked by the malicious attackers. Some of the related themes currently used by the attackers are "Twitter Password Resets","Virus Notifications" and "FIFA World Cup Scandals/Bad news" and all that contains malicious .html attachments.
Finally, Skype has been the target and used by several malicious families as an infection vector for years. Some of the malware families are - KOOBFACE, STRAT and recently by PALEVO due to the expansion of user base.
Related article: Cyber Child abuser Sentenced To Imprisonment
» SPAMfighter News - 25-06-2010