Skype, Bitcoin attacks highlight social engineering threats
Following a high-profile social engineering attack on Skype earlier this month, a second malicious campaign has targeted Skype users, this one aiming to fraudulently generate the Bitcoin virtual currency.
The initial attack was launched around the first week of March, according to Kaspersky Lab data, but just last week users were still clicking up to 10,000 malicious links per hour on the Skype platform – an average of 2.7 clicks per second. Within the code, loaded to a victim’s PC, there was a clear mention of ‘Bitcoin wallet’.
The second attack, launched in early April, asks users to follow a link to a malicious site that installs malware capable of generating the Bitcoin currency. The alternative payment system allows users to earn ‘bitcoins’ in return for leasing out their computing resources. The virtual money can later be converted into another currency or used to pay for goods and services in online stores.
“Of course cybercriminals couldn’t help but pay attention to Bitcoin,” claims Kaspersky Lab cybersecurity expert Sergey Lozhkin. “The Bitcoin currency transactions system itself implies full anonymity and that’s why cybercriminals started using it so actively. Underground forums are full of offers to buy and sell with Bitcoins. Drugs, arms, 0-day exploits, Trojans and viruses are bought and sold using the currency,” he says.
It is unlikely to be a coincidence that the campaign began when Bitcoin’s exchange rate hit an all-time high. On April 5, the rate reached $132 per coin – a dramatic growth compared to the 2011 rate of below $2 per coin. Anonymous transactions are significantly harder to track, and with a new array of currency exchange services, both legal and underground, options are increasing for cybercriminals.
“More hardware resources are needed to mine, which is why we are seeing malware that installs a Bitcoin miner module on victim computers, using their resources and creating a Bitcoin-mining botnet that could be quite a good source of income for its owner,” he says.
Account recovery issue could make all Skype users vulnerable
The users most affected are based in Russia, Ukraine, Bulgaria, China, Taiwan and Italy, but the threat is not contained, and it comes just after Etisalat announced it will unblock access to Skype in the UAE.
Skype users have anonymously claimed their accounts have been ‘stolen’ up to six times, and that all users are vulnerable due to inadequate account recovery policies. One user highlighted that Skype customer support requires just three simple details to complete the account recovery procedure:
• 3-5 of the Skype account holder’s contacts
• One email address the account holder used on Skype at any point
• The account holder’s first and/or last name
“It was Skype Support’s fault my account was stolen, multiple times, and had nothing to do with end-users,” he says.
Cyberattacks rely on ‘curiosity, stupidity and greed’
Kaspersky Lab’s philosophy on cybersecurity is that there are ‘no absolutely safe applications’ – they can all be cracked or broken. But according to Chief Marketing Officer Alexander Erofeev, it is usually humans themselves who create the vulnerabilities.
“If you go back and look at historical viruses, all of them tried to use different human traits like curiosity and stupidity. Nothing has actually changed,” he says.
“iOS [for example] does not have many viruses, and is not so vulnerable, but phishing is platform neutral. If you go to the wrong site, it absolutely does not matter if you’re on Android, Windows, iOS or Linux,” he tells AMEinfo.
The way you get scammed can be based entirely on your online behavior, but protection is obviously a much more technical affair. Whatever platform you use, security software can at least hint that you’re going to the wrong place.
“There are a lot of security issues connected with virtual money. This is the same problem we see with Android – if you want to make something popular, you can’t make it too safe,” says Erofeev. “There is a negative correlation between how safe and widespread something is. If it’s too safe, no one will use it.
“Bitcoin is based on a very sophisticated algorithm and people have said no one can counterfeit this money, but nothing prevents bad guys from cheating people and making imitation money. There is a greed factor”.