Web Threat Spotlight
A Web threat is any threat that uses the Internet to facilitate cybercrime.


ISSUE NO. 64
MAY 24, 2010

Skype: A New Avenue of Old Tricks
URL shorteners are just one of the many technologies born in the Web 2.0 era. The kind of service they provide, that is, shortening URLs to a
more compact and understandable form, has no doubt made information sharing a breeze for any Internet user. A Wikipedia entry cited a
number of reasons why anyone should use this service, most of which are good. URL shortening was, after all, not designed to trick users into
falling for malicious schemes, but cybercriminals still managed to turn it into a tool of their trade.

The Threat Defined
Shortened URLs in Skype Point to New Worm
TrendLabs℠ engineers recently got wind of a new Skype spam campaign. The spammed message was reported to have come from the Skype users’ contacts. Each message sported the format “fotooo ha :P {random URL}.” In a spam sample TrendLabs engineers analyzed, one of the random URLs appeared as a TinyURL link from which a worm binary named slika.exe aka WORM_PALEVO.AZA could be downloaded.

WORM_PALEVO.AZA is an instant-messaging (IM) worm capable of connecting to remote servers in an attempt to contact its creator in order to receive commands. It can also download other possibly malicious files and terminate the Windows update service, wuauserv.

Apart from affecting Skype users, the attack was also found to be capable of affecting Yahoo! Messenger users.

Figure 1. Sample Skype spam
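
An added example, not part of the original bulletin and not Trend Micro code: a Python triage routine for the message pattern described above. It flags the quoted lure format, treats shortener hosts as opaque, and expands each link one redirect at a time to see whether it ends in an executable download. The shortener hosts other than tinyurl.com, all function names, and the sample messages and redirect map are constructed assumptions.

```python
import http.client
import re
from urllib.parse import urljoin, urlsplit

# tinyurl.com is the service named in the bulletin; the other hosts are an
# assumed, incomplete list added for illustration.
SHORTENER_HOSTS = {"tinyurl.com", "bit.ly", "is.gd", "goo.gl"}
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".bat")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
# Lure text quoted in the bulletin ("fotooo ha :P"), tolerant of stretched vowels.
LURE_RE = re.compile(r"^\s*fo+to+\s+ha+\s*:P\s*$", re.IGNORECASE)


def host_of(url):
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def is_executable_url(url):
    return urlsplit(url).path.lower().endswith(EXECUTABLE_EXTS)


def head_resolver(url, timeout=5):
    """One HEAD request, redirect not followed, body never downloaded.
    Returns the Location target or None. For live use; not called below."""
    parts = urlsplit(url)
    cls = (http.client.HTTPSConnection if parts.scheme == "https"
           else http.client.HTTPConnection)
    conn = cls(parts.hostname, parts.port, timeout=timeout)
    try:
        target = (parts.path or "/") + (f"?{parts.query}" if parts.query else "")
        conn.request("HEAD", target)
        resp = conn.getresponse()
        loc = resp.getheader("Location")
        if resp.status in (301, 302, 303, 307, 308) and loc:
            return urljoin(url, loc)
        return None
    finally:
        conn.close()


def expand(url, resolver, max_hops=5):
    """Return the redirect chain [url, hop1, ...], stopping on loops."""
    chain = [url]
    for _ in range(max_hops):
        nxt = resolver(chain[-1])
        if not nxt or nxt in chain:
            break
        chain.append(nxt)
    return chain


def triage_message(text, resolver):
    """Classify one IM message as allow / review / block with reasons."""
    urls = [u.rstrip(".,)") for u in URL_RE.findall(text)]
    reasons = set()
    # The lure check looks at what is left once the URLs are removed.
    if urls and LURE_RE.match(URL_RE.sub("", text)):
        reasons.add("lure-format")
    finals = []
    for url in urls:
        chain = expand(url, resolver)
        finals.append(chain[-1])
        if any(host_of(hop) in SHORTENER_HOSTS for hop in chain):
            reasons.add("shortened-url")
        if any(is_executable_url(hop) for hop in chain):
            reasons.add("executable-target")
    if "executable-target" in reasons:
        verdict = "block"
    elif reasons:
        verdict = "review"
    else:
        verdict = "allow"
    return {"verdict": verdict, "reasons": sorted(reasons), "final_urls": finals}


# Constructed sample data: placeholder short codes and .invalid hosts.
SAMPLE_REDIRECTS = {
    "http://tinyurl.com/EXAMPLE1": "http://files.example.invalid/slika.exe",
    "http://tinyurl.com/EXAMPLE2": "http://intranet.example.invalid/notes.html",
}
SAMPLE_MESSAGES = [
    "fotooo ha :P http://tinyurl.com/EXAMPLE1",
    "Meeting notes: http://tinyurl.com/EXAMPLE2",
    "lunch at noon?",
]

if __name__ == "__main__":
    for msg in SAMPLE_MESSAGES:
        print(triage_message(msg, SAMPLE_REDIRECTS.get))
```

On a gateway or chat-log pipeline, `head_resolver` would take the place of the constructed redirect map, so the link target is learned from the `Location` header without fetching the file.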

Recycled Resource
Cybercriminals seem to be using Skype as their weapon of choice in order to distribute malware, as prior to this
particular attack, the IM-and-VoIP-application-in-one was also used in another pump-and-dump attack just this
February, following a list of older Skype-related attacks, including the following:
         “New KOOBFACE Variant” Targets Skype
         Trojan Targets Skype Users
         Voice-Over-Net-AGE Phished!
Using URL-shortening services is no longer new, as this April, TrendLabs also recovered binary samples taken from
links in messages sent via Yahoo! Messenger and MSN that led to the download of WORM_BUZUS.AG and
WORM_KOOBFACE.ZD.

User Risks and Exposure
An independent monitoring group recently hailed Skype as the most popular IM client compared with Tencent QQ,
Windows Live Messenger, and Yahoo! Messenger. With 560 million registered users worldwide, it is thus not
surprising that cybercriminals continue to leverage Skype to spread malicious files, not discounting the fact that the
number of IM users is expected to steadily increase by 2 million each year from 2010 to 2013.






There is no doubt that instant messengers have become part of every Internet user’s life as a means to interact with
people all over the world. In fact, Skype and similar applications are no longer limited to personal use. They have
transcended to become business tools, too.




Figure 2. WORM_PALEVO.AZA infection diagram

Just because the instant messages one receives come from people in his/her contact list does not mean he/she
should let his/her guard down. Recipients of suspicious instant messages should still refrain from clicking links in
messages—regardless of platform (e.g., email, instant message) or source (i.e., known or unknown)—as doing so
could lead to system infection.

Trend Micro Solutions and Recommendations
Trend Micro™ Smart Protection Network™ infrastructure delivers security that is smarter than conventional
approaches. Leveraged across Trend Micro’s solutions and services, Smart Protection Network™ combines unique
in-the-cloud reputation technologies with patent-pending threat correlation technology to immediately and
automatically protect your information wherever you connect.
In this attack, Smart Protection Network protects Trend Micro product users by preventing access to malicious sites
whose links appear in spammed instant messages via the email reputation service. File reputation service, on the
other hand, detects and prevents the execution of the malicious files—WORM_PALEVO.AZA, WORM_BUZUS.AG,
and WORM_KOOBFACE.ZD—on user systems.
The following post at the TrendLabs Malware Blog discusses this threat:
http://blog.trendmicro.com/spam-sends-malicious-links-to-skype-users/

The virus reports are found here:
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_PALEVO.AZA
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_BUZUS.AG
http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_KOOBFACE.ZD

Other related posts are found here:
http://en.wikipedia.org/wiki/URL_shortening
http://en.wikipedia.org/wiki/TinyURL
http://www.answers.com/topic/pump-and-dump
http://blog.trendmicro.com/pump-and-dump-spam-makes-a-comeback-on-skype/
http://blog.trendmicro.com/new-koobface-variant-targets-skype/
http://blog.trendmicro.com/trojan-targets-skype-users/
http://blog.trendmicro.com/voice-over-net-age-phished/
http://royal.pingdom.com/2010/04/23/amazing-facts-and-figures-about-instant-messaging-infographic/



