Sage's Skype has been hacked.

[Bizarre Monkey]

I'm familiar with bit.ly and the link he gives is harmless if left alone and exited without clicking any of the on page certificates (closing mozilla, reopening it and quickly switching tabs and closing it externally is one easy way), but do be aware that Sage's skype account has been entirely compromised and do not accept bit.ly links from him.

 

[Cunechan]

Ahh thanks for the information. I remember four years ago my class mate's skype was beeing hacked and the account sent randomly weird links. Just hope no one clicks on it though

 

[LTN Games]

Thanks for the info Biz. Always good to make everyone aware of these things and save them from viruses or hacked info. This has been happening a bit more than usual lately.

 

[Companion Wulf]

That's harsh! There was a Skype virus circulating about 2 years ago that basically dropped a trojan that took over computers and abused them as Bitcoin miners. And it was a ******* to get rid of. Some computers were under the TOTAL control of these unscrupulous scum! Hopefully Sage will have it sorted soon.

Ever since I was hacked 15 years ago, with very serious consequences, I've been quite paranoid, but have still made it my "job" to anti-hack the hackers (or even hack them in turn myself). There used to be some software called "Bounceback", which hid behind the firewall and any crap that came through was "bounced back" to its sender (or the IP address/reroute associated with it). Thing is it was, unfortunately, deemed as illegal so it eventually disappeared.

 

[sage]

Thanks for spreading the word so quickly.

I'm not sure if I've been hacked, or if it's a virus.
I haven't gone to any weird websites or anything. I stick with the same few I always have, so I'm leaning towards hacked, but whatever.

I deleted nearly all of you off of my Skype, so that you don't get another one.

 

[Companion Wulf]

@sage Nowadays you don't even have to go to shady websites, nor do you need to actually install anything. Skype itself has two major vulnerabilities right now since the last update, which have yet to be resolved. No doubt they will be.

The newest Skype trojan/virus is nicknamed "T9000" (an upgrade from its previous incarnation about two years ago, "T5000") and it's MUCH more advanced than most people realise. It uses a multi-stage backdoor installation process, checks to see if it's installed and has a list of at least 24 security programs with instructions on how to bypass them, as well as avoid detection.

T9000 actually allows attackers to capture encrypted data, take screenshots of specific applications and specifically target Skype users. It'll most likely store its "captured" data in a (hidden) folder named "Intel". The worst part of it is, that most Skype users probably won't know it's been installed.

It's always a good precaution to delete people from Skype - at least until whatever is going on here is resolved. I'm not saying that this is the case for you, but it does remind me of the one I had 2 years ago.

 

[sage]

@sage Nowadays you don't even have to go to shady websites, nor do you need to actually install anything. Skype itself has two major vulnerabilities right now since the last update, which have yet to be resolved. No doubt they will be.

The newest Skype trojan/virus is nicknamed "T9000" (an upgrade from its previous incarnation about two years ago, "T5000") and it's MUCH more advanced than most people realise. It uses a multi-stage backdoor installation process, checks to see if it's installed and has a list of at least 24 security programs with instructions on how to bypass them, as well as avoid detection.

T9000 actually allows attackers to capture encrypted data, take screenshots of specific applications and specifically target Skype users. It'll most likely store its "captured" data in a (hidden) folder named "Intel". The worst part of it is, that most Skype users probably won't know it's been installed.

It's always a good precaution to delete people from Skype - at least until whatever is going on here is resolved. I'm not saying that this is the case for you, but it does remind me of the one I had 2 years ago.

Thanks for the info. It sounds like a major pain.

T9000... Isn't that a terminator thing?

 

[Companion Wulf]

T9000... Isn't that a terminator thing?

Haha! You'd think, but the T actually stands for "Trojan" (how original!). And this bloody thing is VERY sophisticated, let me tell you!

 

[HotfireLegend]

How is said Trojan transmitted? By that link?

 

[Companion Wulf]

Mostly yes. It's also been known to spread via phishing emails and a regular rich text file originally. THIS is an eye opener about its multi-layer installation and info grab!

 

[LTN Games]

Is there any software which detects and or removes this T900? I did a bit of reading and noticed it avoids most popular antivirus software. A few I noticed not in the list was malware bytes and eset antivirus, both of which I use, among many standalone security tools, so I'm actually curious if it goes undetected for long? And if it's detectable at all.

 

[Macro]

And people wonder what I hate Skype? People call me paranoid? People wonder why I can't stand online ads and bit/ad fly links? Well, there you go... >_< Sorry to hear about your account getting hacked, I know the feeling.

 

[Companion Wulf]

@LTN Games There's no actual program to remove it yet, but it can be done manually. There are various instructive websites on how to remove it. And just by looking through them you can see how disturbingly invasive and insidious this one is. I'm with @Macro on this as well. Experience has taught me many things.

 

[Bizarre Monkey]

And people wonder what I hate Skype? People call me paranoid? People wonder why I can't stand online ads and bit/ad fly links? Well, there you go... >_< Sorry to hear about your account getting hacked, I know the feeling.

You aren't safe from this on MSN or Yahoo either. Skype just has the most instances of it occur because the vast majority of people use Skype over those other live messengers.

Also unless you're an idiot it's actually really difficult to be physically affected by the ad, if you have an adblocker and decent anti-virus like malware bytes, the only way it's going to get in your system is if you play along.

Though primarily the better advice is to just not trust bit.ly, goo.gl or any shortened url links from skype friends.

 

[Companion Wulf]

Though primarily the better advice is to just not trust bit.ly, goo.gl or any shortened url links from skype friends.

Not all bit.ly and goo.gl or shortened links are bad. It's these few that make it ALL bad. I use wp.me , as well as bit.ly and goog.l, for many of my blog entries and (for these reasons) have far fewer actual clicks than in the past. From a "marketing" perspective it is frustrating and enraging.

 

[Bizarre Monkey]

My point is there's no need to ever use shortened URL's on skype.

On Twitter yeah, you only get a limited number of characters, even places like here for status updates.

But Skype you can type until the sun turns red so I just say, especially without context, to click them. Now if your friend talks about it and stuff yeah fine, but it's easy to avoid hassles from shit like this if you're vigilant.

 

[Companion Wulf]

@Bizarre Monkey Completely agree. Notwithstanding the necessity of short URLs for Twitter and the like the few who have abused - and continue abusing - messengers are still "prime meat".

 

[LordBones]

And people wonder what I hate Skype? People call me paranoid? People wonder why I can't stand online ads and bit/ad fly links? Well, there you go... >_< Sorry to hear about your account getting hacked, I know the feeling.

If you need more reasons to hate Skype just look at how much memory it uses up and the fact that if you send a message the other person doesn't receive it until you're both online at the same time? Steam chat is better however who wants to give out their steam lol.

This sucks, there's been a lot of this in recent years. I'd recommend to everyone to go active Step 2 Verification on GMail or your mail of choice if it offers it. Some hackers now simply need peoples emails to get passed spam filters and then use your email to send it all out. Then once your email is caught by the filters they move on and you're left with a useless email.

Step 2 Verification as a note just requires a phone code to login to your email from a new computer rather secure. Additionally if something comes out saying 'change your password' and you're actually concerned, don't press their link... you know the service it should go to, simply go to the address bar and login into the service and change it there. Links are really dangerous these days.

 

[Macro]

Yeah I lost my gmail also. An email that I literally used for one thing. It also would be the only one I didn't have mobile on..