Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Skype-Dwelling Botnet Serves Up Adware

Skype-Dwelling Botnet Serves Up Adware


Security researchers found that botnets can now run on Skype and other cloud-based chat programs, thus providing an even lower-cost alternative for attackers. A widespread Skype solicitation phishing campaign has been discovered whereby the attack involve messages sent over Skype. Attackers tried to call with a username that also contains a link to a domain, www.viewror[d]com. Once clicked, a voice directs the user to click the download link and install a “proprietary” video player in order to play the video. Once the executable, VideoPlayer.exe, is opened, it asks to run as administrator, after which the user is presented with a screen to install the player. The media player is “Media Player Classic” and is not a fake program, and it is available as a free download online. It provides an excuse for the program to install and run a bunch of different junk code including several pieces of adware. The campaign is carried out via a botnet that spreads through the cloud and is part of an affiliate program where the attacker receives money on a per-install or per-download basis.
 
Read More:
 
Source:
 
Infosecurity Magazine
 
IT Security News
 
Team Cymru
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis