in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Security: Fake Skype Encryption Is Really Trojan In Disguise

The Trend Micro blog brings us news that a website (blocked for our own good) is offering software that purportedly provides encryption for Skype (Skype Encription v 2.1.exe).  Which seems redundant because encryption is already used in Skype (it is the same that is used in AlertBoot hard drive encryption: AES-256).

You can corroborate this by visiting the official Skype support page.

Less Redundant than It Appears

As it turns out, the software in question doesn't actually encrypt anything.  Rather, it's a Trojan for injecting DarkComet Version 3.3, which allows hackers to take control over a computer.  One thing of interest that Trend Micro noticed was that "SyRiAnHaCkErS" (Syrian Hackers) appear to be behind this latest software offering.

False Flag

Why would anyone be looking for software that encrypts Skype communications?  And what's the Syrian hacker connection?  As Trend Micro helpfully points out, Syria's ongoing uprising (part of Arab Spring) has spilled over into cyberwarfare, as seen in this CNN article.  For example, an aid worker was tricked into installing spyware:

The man chatting with Susan via Skype passed her a file. She recalled what he said to her to coax her to open it: "This makes sure that when you're talking to me, it's really me talking to you and not somebody else."

She clicked on the file. "It actually didn't do anything," she said in a baffled tone. "I didn't notice any change at all."

No graphics launched; no pop-up opened to announce to the user that the virus was being downloaded. The link appeared to be dead or defected, said Othman.

But something did happen.  Susan's computer was infected with spyware that monitors her computer activity.  What did that Trojan do?  According to Symantec:

The Trojan then allows a remote attacker to perform the following actions on the compromised computer:

  • Capture webcam activity
  • Disable the notification setting for certain antivirus programs
  • Download and execute arbitrary programs and commands
  • Modify the hosts file
  • Record key strokes
  • Retrieve system information about the computer
  • Start or end processes
  • Steal passwords
  • Update itself

Skype Already Uses Encryption

As I already mentioned before, Skype uses encryption to protect its calls.  The encryption keys are generated by the computers that are engaged in the calls, and there is no central command control structure for keeping track of the encryption keys.  At least, this was true as far back as 2009, as can be seen in this video.  In the comments section, you'll see comments that cast suspicion.

Such arguments can be countered with actions, though.  For example, India threatening to ban Skype because the government can't monitor the calls and Germany complaining about the same.

Unless these are some elaborate false flag misinformation exercises, it's pretty apparent that Skype's calls are secure.  Indeed, it's the reason why AlertBoot managed disk encryption software uses the same AES-256 algorithm to secure information on laptops.


Related Articles and Sites:
http://blog.trendmicro.com/fake-skype-encryption-software-cloaks-darkcomet-trojan/

<Previous Next>

Laptop Encryption Software: Fresno Doctor Offering Reward For Stolen Computer

Computer Hard Drive Encryption: Desert AIDS Project Announces Data Breach

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.