In order to infect computers with Skype-criminals send out messages using the accounts already infected users.
Attackers in October-November 2013 re-used Skype to spread malicious software – this time the “banking” Trojan family BackDoor.Caphaw, writes Digit.ru .
According to the “Doctor Web”, the peak of such malicious mailings experts have recorded in the first half of November 2013. Malicious software (software) is able to steal the credentials of the banking systems (RBS), and other sensitive information stored on the infected machine.
According to a report by the Trojan infecting computers BackDoor.Caphaw recorded in the world in the last year, and about the second half of October, the cases spread BackDoor.Caphaw using mass mailing program through Skype, the largest scale it acquired during the period from 5 to 14 November.
In order to infect computers with Skype-criminals send out messages using the accounts already infected users. As explained Digit.ru the press service of the company, the attacker can use the compromised accounts database services that are sold on the “black” market. Messages include a link to the archive with the name invoice_HHHHH.pdf.exe.zip (where XXXXX – an arbitrary set of numbers), and the archive contains an executable file, which is a trojan horse. That is, follow the link, the user is automatically installs on your computer banking trojan.
According to experts, start the operating system, the Trojan can be integrated into the running processes on your computer and connect to a malicious server. Thus, the Trojan monitors the activity of the user and attempts to determine the connection attempts with various systems online banking. The installation of such a compound BackDoor.Caphaw may introduce a user viewed the Web page extraneous content and intercept data entered them into different shapes.