February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« How Are Laptops Being Stolen? | Main | Small Companies See Bigger Risks »

December 11, 2007
Is This the Frightening Future of Security Attacks?

A friend forwarded me a link about a whole new breed of social engineering attack discovered by PC Tools that can actively chat (and flirt) with people in chat rooms, all in the effort to capture personal information. Mike Greene, vice president of product strategy at PC Tools, said they learned about this Cyberlover's existence by monitoring a Russian IRC malware chat room.

The program mimics online flirtation, and is so convincing that most people cannot distinguish between a flirt-bot and a real person. I have always been interested in the Turing Test, which supposes that, if someone can carry on an online conversation with someone else and not tell that who they're talking to is a computer program, then that machine has achieved artificial intelligence.

Who ever knew that the Turing Test would first be broached by a social-engineering cyberscam? Of course, the real Turing Test is conducted by a judge looking for conversational flaws, which is quite different than folks in chatrooms looking for some saucy give and take -- but still, it surprises the hell out of me.

As reported by CNet, the pseudo-lover can offer a range of chat personalities, from 'romantic lover' or 'sexual predator,' or can be used to direct victims to a web site in order to deliver a malware load. The app can establish up to 10 relationships in 30 minutes, and compiles a report on each 'relationship,' complete with name, contact info...whatever info the cyber-duped gives up.

"As a tool that can be used by hackers to conduct identity fraud, CyberLover demonstrates an unprecedented level of social engineering," PC Tools senior malware analyst Sergei Shevchenko said.

Currently, the heart-killer app is targeting Russian chatrooms, and while Greene could not say how widespread it was being used, he estimated it must still be in the early stages. To counter this, obviously, no one should use their real names in chat rooms, and should never give away personal information with unknown chats.

This could call every IM and chat into question. I mean, who knows if the person who forwarded me this story really was my friend? So be careful out their, clickers.


Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2957

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map