Skype trojan targets citizen journalists in Syria
A new Trojan malware infecting Skype videoconferencing software may be used to spy on others – particularly in Syria, an electronic freedom group warned this week.
The Electronic Frontier Foundation (EFF) said the malware, “BlackShades Remote Controller,” sells online for $40 and may be targeting activists in Syria.
It said there is evidence to suggest the use of BlackShades, whose capabilities include keystroke logging and remote screenshots, may have been carried out by pro-government hackers.
“This malware is distributed via Skype. It is distributed in the form of a .pif file,” it said.
During the latest attack, a malicious link is sent claiming to be an important new video.
When clicked, it can compromise the victim’s account and send itself to people in the victim’s address book.
EFF said pro-Syrian-government hackers had been responsible for fake-YouTube attacks, which lured Syrian activists in by advertising pro-opposition videos, then stole their YouTube login credentials.
Other attacks involved installing surveillance malware disguised as an Adobe Flash Player update.
EFF said the malware also gives an attacker the ability to execute arbitrary code on the infected computer.
“There is no guarantee that the attacker has not installed additional malicious software while in control of the machine,” it said.
It said the safest course of action is to re-install the operating system and change the passwords to any accounts the user may have logged into since the time of infection.
EFF also urged Syrian activists to be especially cautious when downloading files over the Internet, even in links that are purportedly sent by friends.
“As members of the Syrian opposition become more savvy in using encryption, satellite networks, and other tools to evade the Assad regime's extensive Internet surveillance capabilities, pro-Syrian-government malware campaigns have increased in frequency and sophistication. For Syrian activists, poor security practices can have potentially disastrous consequences,” it said.
New York-based media watchdog group Committee to Protect Journalists issued a similar warning, saying merely deleting the files or using anti-virus software does not guarantee the computer will be safe or secure. — TJD, GMA News
Talk of the web