Bitcoin Forum
Topic: [ATTN] New trojan spreads through skype and (possibly) steals wallet.dat.
r.willis (OP)
April 07, 2013, 07:55:18 AM
 #1

http://www.securelist.com/en/blog/208194206/An_avalanche_in_Skype
Quote
There is a new malicious ongoing campaign on Skype. It’s active and kicking yet.
The infection vector is via social engineering abusing infected Skype by sending massive messages to the contacts like these ones:
i don't think i will ever sleep again after seeing this photo http://www.goo.gl/XXXXX?image=IMG0540250-JPG
tell me what you think of this picture i edited http://www.goo.gl/XXXXX?image=IMG0540250-JPG
<snip>
Finally something interesting is this:

And similar malware spreads bitcoin miner:
http://www.securelist.com/en/blog/208194210/Skypemageddon_by_bitcoining
Quote
So what does malware do? To be honest many things but one of the most interesting is it turns the infected machine to a slave of the bitcoin generator. The usage of CPU grows up significantly. Here is an example:

The mentioned process runs with the command "bitcoin-miner.exe -a 60 -l no -o http://suppp.cantvenlinea.biz:1942/ -u XXXXXX0000001@gmail.com -p XXXXXXXX" (sensitive data was replaced by XXXXXX). It abuses the CPU of infected machine to mine Bitcoins for the criminal.
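Added example, not part of the original post or the quoted Securelist article: a defender-side check that flags the argument shape quoted above (`-o <pool URL>` together with `-u` and `-p`) in a process listing, regardless of the executable's name. The `PID<TAB>command line` input format, the function names and the sample records are assumptions constructed for illustration, and `stratum+tcp://` is accepted as a generalisation beyond the `http://` form shown in the post.

```python
import ntpath
import re
import shlex

# Pool endpoint as passed to -o. http:// is the form quoted in the post;
# stratum+tcp:// is added here as a generalisation (assumption).
POOL_URL = re.compile(r"^(?:https?|stratum\+tcp)://([^/:\s]+)(?::(\d+))?", re.I)

def parse_miner_args(cmdline):
    """Return pool details if cmdline has -o <URL> together with -u and -p, else None."""
    try:
        argv = shlex.split(cmdline, posix=False)  # posix=False keeps Windows backslashes
    except ValueError:                            # unbalanced quote in a truncated record
        argv = cmdline.split()
    argv = [a.strip('"') for a in argv]
    if not argv:
        return None
    opts = {}
    for flag, value in zip(argv[1:], argv[2:]):
        if flag in ("-o", "-u", "-p"):
            opts.setdefault(flag, value)          # first occurrence of each flag wins
    m = POOL_URL.match(opts.get("-o", ""))
    if m is None or "-u" not in opts or "-p" not in opts:
        return None
    return {"image": ntpath.basename(argv[0]).lower(),
            "pool_host": m.group(1).lower(),
            "pool_port": int(m.group(2)) if m.group(2) else None,
            "user": opts["-u"]}

def scan(process_lines):
    """process_lines: 'PID<TAB>command line' records. Returns [(pid, details), ...]."""
    hits = []
    for line in process_lines:
        pid, _, cmdline = line.partition("\t")
        details = parse_miner_args(cmdline.strip())
        if details:
            hits.append((int(pid), details))
    return hits

# Constructed sample records (not from the post); hosts use the reserved .invalid TLD.
SAMPLE = [
    "412\tC:\\Windows\\System32\\svchost.exe -k netsvcs",
    "2960\t\"C:\\Users\\a\\AppData\\Roaming\\bitcoin-miner.exe\" -a 60 -l no -o http://pool.example.invalid:1942/ -u worker1@example.invalid -p x",
    "3104\tC:\\Tools\\curl.exe -o page.html -u bob -p http://site.example.invalid/",
    "3388\tC:\\Users\\a\\AppData\\Local\\Temp\\updater.exe -o stratum+tcp://pool.example.invalid:3333 -u w2 -p x",
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```

The `curl.exe` record is not flagged because its `-o` value is a file name rather than a pool URL, while the renamed `updater.exe` is flagged on its arguments alone.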
Severian
April 07, 2013, 07:58:08 AM
 #2

Bitcoin on Windows?

*shudder*
Bit_Happy
April 07, 2013, 08:24:40 AM
 #3

Quote from: Severian
Bitcoin on Windows?

*shudder*

Bitcoin $150 each way too soon?
*shudder*   

MaGNeT
April 07, 2013, 08:30:50 AM
 #4

- Use long passphrase wallet.dat encryption (>20 characters).
- Keep at least one copy offline.

Now they can steal your wallet.dat and you still have plenty of time to send the coins to another wallet and change the receiving addresses at pools and exchanges.

luffy
April 07, 2013, 08:37:48 AM
 #5

How do you realize that your wallet has been stolen before it is too late?
r.willis (OP)
April 07, 2013, 09:06:03 AM
 #6

Quote from: luffy
How do you realize that your wallet has been stolen before it is too late?

This, and they can log your passphrase just fine.
MaGNeT
April 07, 2013, 10:29:14 AM
 #7

Quote from: r.willis
Quote from: luffy
How do you realize that your wallet has been stolen before it is too late?
This, and they can log your passphrase just fine.

That's another reason to have one wallet for trading and one offline for keeping.
Jobe7
April 07, 2013, 10:44:14 AM
 #8

or don't use skype, I hate skype.

Or have a separate laptop/desktop that you use skype on.
MaGNeT
April 07, 2013, 10:50:03 AM
 #9

Quote from: Jobe7
or don't use skype, I hate skype.

Or have a separate laptop/desktop that you use skype on.

+1
Dabs
April 07, 2013, 02:29:01 PM
 #10

My computer is bare bones OS and office only. Everything else is either installed and run, or portable (as in portable apps, run from its own directory.) I use Deep Freeze to essentially make my computer its own virtual machine. Once rebooted or shut down, it reverts back to its "clean" state.

I don't use Skype or Yahoo messenger or any other software. If I have to use them, I download the app, save it somewhere, reboot (optional), install the app, use it, then reboot or shutdown as appropriate.

Now, my computer could be subject to some zero day malware, but I find that unlikely. I almost always sit behind some hardware firewall (router) and the other computers in the network have different anti-virus / anti-malware installed.

Or I could always take a look at GMER. (rootkit detector).
