Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    The activities of the infamous Koobface botnet have been a frequent topic of discussion here at the Malware Blog. Some security analysts recently commented that the botnet has added a new tool to its arsenal as a new alleged “Koobface variant” has been targeting the VoIP application, Skype.

    The supposed “Koobface variant,” detected by Trend Micro as TROJ_VILSEL.EA, steals a user’s contact list, phone numbers, location, and other information that may be part of the user’s Skype profile aside from the user’s login credentials. It is also capable of using Skype’s built-in instant messaging capability to send links to people on the affected user’s contact list. These links all go to affected domains with copies of TROJ_VILSEL.EA.


    Though TROJ_VILSEL.EA’s behavior is largely similar to previous Koobface variants (the target application excluded), it is actually not a member of the infamous malware family. Both the malicious code and network behavior differ from previously known Koobface variants. It would not be a great surprise, however, if the actual Koobface cybercriminals produce their own variant with this behavior.

    This development only highlights the ingenuity of cybercriminals in going after targets using tried-and-tested ways to spread their malicious creations. Trend Micro Smart Protection Network protects users from this attack by blocking access to the malicious URL, thereby preventing users’ systems from getting infected.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice