01-21-2013 07:48 AM
(Translated from the original Italian)
The news is very concerning, a new variant of the banking malware known as Shylock has been detected, it includes the capability to spread over Skype.
Shylock is an old acquaintance for security community, the malware was detected for first time in 2011 by experts from Trustee firm, it is used to steal banking credentials from its victims and is considered one of the most insidious cyber threat for banking.
The first version of the malware demonstrated improved methodology for injecting code into browser to remote control the victim and an improved evasion technique to prevent detection by common antivirus software.
Curiously, the origin of the name for the malware, Shylock is the money lender in Shakespeare's opera The Merchant of Venice.
As many other malware (e.g. Zeus) it has been update in the time, in many cases the provisioning of a malware has been done through the malware-as-service model in adopted by author to implement various requests of the clients.
The news has been published by researchers from CSIS Security Group, that revealed that that the authors of malware have implemented a plugin named "msg.gsm" that allows the code to spread through the popular VOIP client including the following functionality:
Webroot® SecureAnywhere™ Internet Security Complete Beta v188.8.131.52 on my main system Windows 7 Ultimate 64bit & on Win XP 32bit, Win Vista 32bit, Win 7 32bit, Win 8.1 Pro 32bit & 64bit, Win 10 Preview 32bit & 64bit Build 9926 all on VM's also on my HTC One M8 Android Lollipop 5.0.1 Phone v184.108.40.20652.
01-21-2013 10:00 AM
01-21-2013 10:28 AM
I guess this nasty malware will spread over the social network very soon. I hate all this Facebook, Twitter, Google+ and Skype including.
I agree with you on that.
01-21-2013 02:33 PM - edited 01-21-2013 02:34 PM
Chat clients have long been a popular attack vector for malware authors, and with Microsoft moving from Messenger to Skype we can expect to see more malware using Skype to spread.
01-22-2013 11:13 AM
You know, a lot of elderly people use Skype to communicate with their families. I can see where these folks, who do not knwo much at all about computer security, can get in trouble. Many of them use their computer to Skype woith family, and check on their bank and other finicial accounts.
Big business for the bad guys.
01-22-2013 11:41 AM
Skype came pre-installed on our Toshiba Satellite laptop that my Wife uses. That was one of the many pre-installed programs I uninstalled.
While you can uninstall Skype and other similar from Microsoft OS you can't do that from Android devices unless it's rooted what's a shame. I have on my Android device preinstalled Facebook, Twitter and others but I can't uninstall them due to the said restriction.
01-22-2013 01:50 PM
As my tagline states... I am here to learn. So... that means time for what may be a stupid question for some of you.
How is the transmission of this obtained in Skype? Is it able to infect simply by communicating with an infected user, or does it need to be transmitted as part of a link/image/file?
New to the Community? Register now and start posting!
Helpful Webroot Links: