funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: skype again - muhahaha

From: "Dr. Neal Krawetz" <hf () hackerfactor com>
Date: Fri, 23 Sep 2005 05:32:39 -0600 (MDT)
On Fri, 23 Sep 2005 08:34:04 +0200, Gadi Evron wrote:

This just hit /.:
http://it.slashdot.org/it/05/09/22/2155226.shtml?tid=172&tid=215&tid=218

Just to remind everybody's funsec's take on this issue by Dr. Neal Krawetz;

Combination #2: Phone Phishing
   Ring Ring
   "Hello?"
   (thick Russian accent) "Wello, Wis is eBay.  We need to werify account."

        Gadi


:-)
Ok, now I need to add to this prediction list...

Combination #3: Video Mules
eBay recently said that they like Skype for both audio and video support.
They can use this to connect buyers and sellers, who can negotiate
prices in real time.  (The Network Computing article actually compared
it to price haggling in the middle east -- a common practice.)

Since Skype is a peer-to-peer technology, phishers/carders will start
hiring video mules to represent "a respected company" in these online
chats.
  <enter dream sequence>
  Gadi buys a Commodore64 on eBay and answers Skype call.
  Gadi: You're selling this really cheap.  Does it work?
  Seller: I represent a very respected company.  They say it works.
  G: So you're not the seller?
  S: I represent a very respected company. You need to buy this NOW!
  G: So what do you get out of this?
  S: I keep a 10% commission.
  G: Ok!  Sounds good to me!
  </leave dream sequence>

I can even see the new mule harvesting emails:
  hey

  i am one of biggest boss in egyptian mafia . i am hacker from egypt , i
  hacking banks and get information of people .
  i can make millions of dollar but need good client and asistant in USA & UK
  & Canda . we will make many money together by making calls using skype
  and moving stolen merchandise (or just making seller promises and taking
  money) and we will split money 50/50 but if you don't accept this so forget
  about and delete this e-mail if u accept just send me ur info to contact u

    THaNKS

The lesbian Estonians (or Russians, if you believe Dan) currently hire
hookers for video chatrooms.  They have an ample supply of video mules
that are happy to work for the money.
The Brazillians, on the other hand, will never get this right because
they kidnap homeless children -- who only have the incentive of surviving
the ordeal.
  G: Uh, why do you look so panicked?
  S: I'm not panicked!  Please complete the transaction or they'll kill me!

The biggest problem for the Eastern European hackers/carders/phishers
is that many use dialup instead of broadband.  Every use Skype over dialup?
(Buy stock now!  Broadband sales in Russia are going to really take off
in order to support Skype-fraud!)


Combination #4: Skype and botnets
Speaking of peer-to-peer...
I wonder how long it will take for Skype-proxies to start appearing
in botnets?

                                        -Neal
--
Neal Krawetz, Ph.D.
Hacker Factor Solutions
http://www.hackerfactor.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: