Syrian Government Uses Skype To Push Malware To Activists 139
judgecorp writes "The Syrian government is using Skype as a channel to infect activists' systems with malware, installing Trojans and backdoors, according to security firm F-Secure. The evidence comes from a hard drive sent for analysis. 'The activist's system had become infected as a result of a Skype chat. The chat request came from a fellow activist. The problem was that the fellow activist had already been arrested and could not have started the chat. Initial infection occurred when the activist accepted a file called MACAddressChanger.exe over the chat. This utility was supposed to change the hardware MAC address of the system in order to bypass some monitoring tools. Instead, it dropped a file called silvia.exe which was a backdoor — a backdoor called "Xtreme RAT." Xtreme Rat is a full-blown malicious Remote Access Tool.'"
Meanwhile in America (Score:3, Insightful)
Meanwhile, the Obama administration is arguing that requiring warrants for cellphone records "cripples" investigators [reuters.com]. No malware needed here in the U.S. Just fearmongering.
Skype is not the key.... (Score:5, Insightful)
It is not Skype they use, but the gullibility of the users. Skype is only remotely involved...
Bad Summary (Score:5, Insightful)
"Syrian Government Uses Social Engineering To Push Malware To Activists."
They could be using e-mail for the same thing. Or other IM channels that offer direct connect. Or Dropbox. Or any other channel.
The clever bit is trying to convince people to download and run an unknown tool by impersonating someone they've imprisoned.
Re:are people really this stupid (Score:5, Insightful)
Because maybe he didn't actually know the person had been arrested to begin with? These political dissident arrests are not publically broadcasted, you know...
Re:are people really this stupid (Score:4, Insightful)
If he knew that the other activist had already been arrested, why would you accept a chat from them AND then accept a file transfer from them?
People occasionally get released from jail.
Do these activists not use some super secret codes to tell each other they are who they say they are?
No. They're political activists, not James Bond.
Re:are people really this stupid (Score:4, Insightful)
when the government is out to kill you, the way to operate is TRUST NO ONE. this is the way revolutionaries have operated for centuries. small cadre of leadership and you never trust anyone completely.
Re:are people really this stupid (Score:5, Insightful)
I you trust no one you can never form any groups. You eventually have to trust someone. Again, it's quite easy for you to criticize from your comfortable life in a country thousands of miles away.