Posts Tagged: digital river

Mar 11

Rogue Antivirus Via Skype Phone Call?

A few readers have written, saying that they recently received Skype phone calls urging them to download and install a system update for Microsoft Windows. Users who visit the recommended site are bombarded with the same old scareware prompts that try to frighten them into purchasing worthless security software.

Scareware scams are nothing new to Skype: They have spread for some time now over the instant message client built into Skype, but this is the first I’ve heard of rogue anti-virus peddlers resorting to robocalls via Skype to spread their junk software.

One quick-thinking reader managed to record the tail end of the call, which is available by clicking here. It says, “To download the patch update, request professional maintenance at” It seems from this thread on the user forum that a great many others are getting these rogue AV calls.

Continue reading →

Sep 10

SpyEye Botnet’s Bogus Billing Feature

Miscreants who control large groupings of hacked PCs or “botnets” are always looking for ways to better monetize their crime machines, and competition among rival bot developers is leading to devious innovations. The SpyEye botnet kit, for example, now not only allows botnet owners to automate the extraction of credit card and other financial data from infected systems, but it also can be configured to use those credentials to generate bogus sales at online stores set up by the botmaster.

The "billing" section from SpyEye admin pageAs I noted in a post in April, SpyEye is a software package that promises to make running a botnet a point-and-click exercise. A unique component of SpyEye is a feature called “billinghammer,” which automates the purchase of worthless or copycat software using credit card data stolen from victims of the botnet.

The SpyEye author explained this feature in detail on several hacking forums where his kit is sold, even including a video that walks customers through the process of setting it up. Basically, the scam works like this: The botmaster acquires some freeware utility or legitimate program, renames it, claims it as his own and places it up for sale at one of several pre-selected software sales and distribution platforms, including ClickBank, FastSpring, eSellerate, SetSystems, or Shareit. The botmaster then logs in to his SpyEye control panel (picture above), feeds it a list of credit card numbers and corresponding cardholder data, after which SpyEye opens an Internet Explorer Window and — at user-defined intervals — starts auto-filling the proper fields at the botmaster’s online store and making purchases.

Continue reading →