40,000 Russians were victims of attacks in Skype

The company ESET has published details of the investigation into the attack Skype, which affected more than half a million users worldwide. In May 2013 was discovered massive spam campaign messengers Skype and Gtalk. Attackers use social engineering techniques, offering victims to follow the links and see the pictures. Links disguised through legal service Google URL Shortener and its analogs, led to malware. During the first two days of the attack passed over half a million users on the links. analysis showed that 27% conversion on malicious links implemented by users from Mexico, Brazil and Colombia. Russia was also at the center of attack: on the links clicked more than 40 thousand people. Most clicks, 80,000 made ​​by users from Germany. It was also found that the attackers used a modification of the threat Win32/Gapz, executable files which are based on known malware PowerLoader. The software bypasses mechanisms solutions to ensure information security, and the user's computer downloads other malware - worm Win32/Rodpicom.C, sends phishing links in instant messaging service. After activation on the victim's computer worm Rodpicom seeking processes active in the system for subsequent detection instant messaging services: Skype, Windows Messenger, Quite Internet Pager, GoogleTalk, Digsby. Then he spreads malicious code on user's contacts via links in phishing messages. During this attack, the attackers used PowerLoader for downloading other malicious programs designed to steal confidential data. ESET virus lab was discovered more than 130 different malicious files used by hackers, but the vast majority are modifications Win32/PowerLoader and Win32/Rodpicom. Note that both threats are active to this day.