Jeffrey Walton: > On Mon, May 20, 2013 at 8:55 PM, Jacob Appelbaum <[email protected]> wrote: >> James A. Donald: >>> ... >>> >>> Zombie computers are seldom of high value. >> >> Some malware is designed to keep people communicating, under heavy >> watch; it is not always designed to abuse a system the "traditional" >> manner befitting script kiddie botnets. > In Skype's case, it appears there is no need for the malware to coerce > communications since the service is always on > (http://www.sec.gov/Archives/edgar/data/1498209/000119312510182561/ds1.htm): > "The number of connected users is subject to uncertainties and in some > ways may overstate the number of users actively using our products > during a given period. For example, for a number of our users, once a > user has downloaded our software onto their device, the software will > automatically be logged in to when the device is turned on, even if > the customer takes no steps to affirmatively engage our software > client after initial registration." >
Sure. My point is indirectly related, I suppose. FinFisher uses the Skype API to record audio, etc. This isn't malware designed to disrupt, it is malware designed to exploit other software and violate privacy. It is designed to hide (badly in some cases) and it is designed to exfiltrate data, etc. Still, most people who are owned by such malware have next to no clue, even when the malware is totally obvious. I found some targeted malware (lame but effective) last week that beat Skype encryption of chats by just taking screen shots: http://www.infosecurity-magazine.com/view/32473/new-mac-malware-discovered-live-on-stage/ I didn't know but I'd actually stumbled onto some major Indian cyberwar operation. The report on the topic came out today: http://blogs.norman.com/2013/security-research/the-hangover-report All the best, Jacob _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
