SMB - Attackers get chatty on VOIP

Worm viruses increase on VOIP systems

The recent spate of malware attacks propagating throughout the user base of the Skype Internet calling system illustrates a broader trend toward cyber-criminals moving to take advantage of VOIP platforms as they become increasingly popular.

Security researchers tracking the latest pack of worm viruses to wriggle their way through the Skype community's chat system said that the threats are nearly identical to attacks that have plagued users of other publicly-available messaging applications for years.

However, as Skype and other VOIP systems become even more widespread and greater numbers of businesses move to adopt the technologies, experts predict that cyber-criminals will ratchet-up the severity and diversity of the attacks they aim at users of the software.

In mid-May, London-based Skype -- which is owned by eBay -- launched a series of trials of new enterprise features that it hopes will encourage larger numbers of businesses to consider use of its publicly-available VOIP applications.

The potential to use such programs to infiltrate business networks and carry out attacks will drive malware code writers and other schemers to similarly increase their focus on VOIP platforms, researchers said.

On May 24, Chris Boyd, a researcher at FaceTime Communications -- which established a partnership to provide security applications to Skype in Feb. 2007 -- noticed a new variant of the so-called Skype worm that has been spreading through the VOIP client's messaging system for the last several months.

Unlike previous versions of the threat that merely passed themselves along to other Skype users via their contact lists, the new variant will also "jump" to other more established networks, including the ICQ and MSN messenger platforms.

The development illustrates not only that attacks aimed at users of VOIP networks are escalating and becoming more sophisticated, but also that they are being pulled into use by the smartest and most aggressive cyber-criminals looking for new revenue streams, Boyd said.

"There are a lot of businesses picking up Skype in the workplace, and it's a good bet that if they have Skype on there, they have other IM clients. The attackers are really trying to hit as many people as possible in a random manner, but this is the first instance we've seen of an attempt to get a foot in the door of other networks using Skype," Boyd said.

While the attack merely passes itself along to contacts listed in the messaging accounts of affected users, versus dropping malware onto their computers, it does attempt to lure people into clicking on links that point to a range of virus-infecting Web sites.

Boyd said that several of the involved URLs have been used in previous attacks on Skype users, including a handful of sites registered through Chinese hosting companies.

The researcher believes that the endgame of the hackers behind the threat is to steal valuable data from infected users and pass it back to themselves over Skype's encrypted messaging system. Boyd said that there is also growing evidence of attackers building proof-of-concept botnet threats aimed specifically at Skype users.

"Things can potentially get passed out of an organization using Skype because the messaging communications are encrypted and hard to fiddle with. That could be one of the angles," Boyd said. "It's just interesting that the attacks we saw for several months have been so consistent, and now there's this significant change in targeting different networks. I think we'll see more editions in the coming weeks and a substantial attack on Skype users at some point."

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?