SMB - Attackers get chatty on VOIP

Worm viruses increase on VOIP systems

The recent spate of malware attacks propagating throughout the user base of the Skype Internet calling system illustrates a broader trend toward cyber-criminals moving to take advantage of VOIP platforms as they become increasingly popular.

Security researchers tracking the latest pack of worm viruses to wriggle their way through the Skype community's chat system said that the threats are nearly identical to attacks that have plagued users of other publicly-available messaging applications for years.

However, as Skype and other VOIP systems become even more widespread and greater numbers of businesses move to adopt the technologies, experts predict that cyber-criminals will ratchet-up the severity and diversity of the attacks they aim at users of the software.

In mid-May, London-based Skype -- which is owned by eBay -- launched a series of trials of new enterprise features that it hopes will encourage larger numbers of businesses to consider use of its publicly-available VOIP applications.

The potential to use such programs to infiltrate business networks and carry out attacks will drive malware code writers and other schemers to similarly increase their focus on VOIP platforms, researchers said.

On May 24, Chris Boyd, a researcher at FaceTime Communications -- which established a partnership to provide security applications to Skype in Feb. 2007 -- noticed a new variant of the so-called Skype worm that has been spreading through the VOIP client's messaging system for the last several months.

Unlike previous versions of the threat that merely passed themselves along to other Skype users via their contact lists, the new variant will also "jump" to other more established networks, including the ICQ and MSN messenger platforms.

The development illustrates not only that attacks aimed at users of VOIP networks are escalating and becoming more sophisticated, but also that they are being pulled into use by the smartest and most aggressive cyber-criminals looking for new revenue streams, Boyd said.

"There are a lot of businesses picking up Skype in the workplace, and it's a good bet that if they have Skype on there, they have other IM clients. The attackers are really trying to hit as many people as possible in a random manner, but this is the first instance we've seen of an attempt to get a foot in the door of other networks using Skype," Boyd said.

While the attack merely passes itself along to contacts listed in the messaging accounts of affected users, versus dropping malware onto their computers, it does attempt to lure people into clicking on links that point to a range of virus-infecting Web sites.

Boyd said that several of the involved URLs have been used in previous attacks on Skype users, including a handful of sites registered through Chinese hosting companies.

The researcher believes that the endgame of the hackers behind the threat is to steal valuable data from infected users and pass it back to themselves over Skype's encrypted messaging system. Boyd said that there is also growing evidence of attackers building proof-of-concept botnet threats aimed specifically at Skype users.

"Things can potentially get passed out of an organization using Skype because the messaging communications are encrypted and hard to fiddle with. That could be one of the angles," Boyd said. "It's just interesting that the attacks we saw for several months have been so consistent, and now there's this significant change in targeting different networks. I think we'll see more editions in the coming weeks and a substantial attack on Skype users at some point."

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?