Chat Bot CyberLover Flirts to Steal Identities

Software that pretends to flirt online but actually extracts private information from unsuspecting partners at the other end of the conversation is being used on chat forums in Russia, according to PC Tools, the vendor of security software.

The program, called CyberLover, with its artificial intelligence automates chats that are convincing enough to make tough for victims to distinguish the chat bot from someone who could be a real suitor. The software program develops ten relationships varying from a 'romantic lover' to a 'sexual predator'. Victims of the bot are also directed to a 'private' website from where malware could be installed on their machines.

Vice President of PC Tools, Mike Greene, said that the more cautious people generally don't click a link or open attachments. But this imitates a genuine conversation, so one is likely to believe and divulge personal information, Greene explained. Shortnews published Greene's statement on December 9, 2007.

Senior malware Analyst, Sergei Shevchenko, at PC Tools, said that hackers could use the CyberLover tool to commit identity fraud, as it is equipped with social engineering at such an advanced level that was never found before. M-net published this in news on December 10, 2007.

PC Tools came to know about the existence of CyberLover in the first week of December 2007 from various discussions about malware and when it was monitoring its Internet relay chat rooms.

Robot chatter is a new type of attack that uses social engineering of trickery instead of taking advantage of a software hole to capture victim's precious information. Attacks of this kind have been increasing and are expected to grow even further.

The anonymity with which the Internet works influences people so much that they tend to disclose information through online chats capable of causing irreparable damage.

Albeit the current targets of the program are Russian websites, PC Tools is alerting users of social networks and chat rooms everywhere to be wary of such attacks. The software company recommends using an assumed name during online chats and not disclosing personal information. It also believes the creators of CyberLover are going to use it worldwide by February 2008.

Related article: Code Exploit Released Before Patch For Mac

» SPAMfighter News - 12/21/2007