Kaspersky Lab experts have detected two malware campaigns that operate via Skype: in both cases, cybercriminals are using social engineering methods for users to prick a malicious link promising to show a photo or video interesting. They have created accounts on Skype to distribute malicious links through two campaigns. The goal is to convert one infected computer in a “slave Bitcoin”.
The first attack was launched in early March, but in recent days the users and malicious link poked average 2.7 times per second, or 10,000 times per hour. The click on the links are located mainly in Russia, Ukraine, Bulgaria, China, Taiwan and Italy. By analyzing the code loaded on the victim’s PC, the company experts have found a purse line that mentions “Bitcoin wallet.”
On April 4, a new attack was detected in Skype like inviting users to click a link. Kaspersky Lab experts found it was malicious and installed on the computers of victims a new malware capable of generating currency Bitcoin. This monetary system allows users to get Bitcoins in exchange for leasing their resources. Virtual money can be converted later in another currency or use it to pay for goods and services in online shops. The latter takes a few days cyberattack operating, but has quickly gained momentum as the night the day April 4 around 2,000 users followed the malicious link every hour, as calculated by Dmitry Bestuzhev, analyst at Kaspersky Lab
Italy, Russia, Poland, Costa Rica, Spain, Germany and Ukraine are the main objectives of this second malicious campaign. It seems unlikely to be a coincidence that the malicious campaign began when the Bitcoin exchange rate obtained highs. On April 5, the index reached $ 132 per coin – a large growth compared to the 2011 rate of less than $ 2 per coin. “A very tempting figure for cybercriminals,” said Kaspersky Lab expert Sergey Lozhkin.
“The transaction currency Bitcoin anonymity implies complete, so cybercriminals have begun using it as active. These anonymous transactions are very difficult to follow and feel safe cybercriminals. For this reason a module installs malware on the computers of victims, using their resources and creating a Bitcoin botnet could be a good source of income for its owner. “
Users of Kaspersky Internet Security are protected thanks to the KSN cloud service. If your computer suddenly slows down and some processes use 90% (or more) of your CPU in Task Manager should scan your PC with an antivirus.
Kaspersky Lab recommends that users of Skype or any other instant messaging program to be wary. Even if the message comes from people they know is possible that the computer has been infected and is controlled by cybercriminals. We also encourage users to do the following to ensure your device remains secure:
Install and maintain the security solution
Keep your operating system updated
Update all third-party applications
use a secure browser to access the Internet
Use strong passwords containing letters, numbers and symbols (? #!., Etc …) and are different for each resource website or