Internet users are being warned about a new malware trend involving the use of natural language dialogue systems that are already deployed within gaming technologies.
The software conducts fully automated flirtatious conversations in a bid to collect personal data from those seeking relationships online.
Developed in Russia, the new software is known as CyberLover and has been uncovered by security vendor PC Tools.
CyberLover can be found in chat-rooms and dating sites trying to lure victims into sharing their identity or visiting Web sites with malicious content.
According to its creators, CyberLover can establish a new relationship with up to 10 partners in just 30 minutes and its victims cannot distinguish it from a human being.
PC Tools is concerned about the program's ability to mimic human behavior during online interactions and urges Internet users to beware of this new breed of software that can easily be used for malicious purposes.
The company's senior malware analyst, Sergei Shevchenko, said the concept behind this software could be the catalyst for a dangerous new trend in malware evolution.
"As a tool that can be used by hackers to conduct identity fraud, CyberLover demonstrates an unprecedented level of social engineering," he said.
"It employs highly intelligent and customized dialogue to target users of social networking systems. Internet users today are generally aware of the dangers of opening suspicious attachments and visiting unusual URLs, but CyberLover employs a new technique that is unheard of; that's what makes it particularly dangerous."
Shevchenko said CyberLover has been designed as a bot [robot] that lures victims automatically, without human intervention.
"If it's spawned in multiple instances on multiple servers, the number of potential victims could be very substantial," he added.
According to PC Tools researchers, the CyberLover software: offers a variety of profiles ranging from "romantic lover" to "sexual predator"; uses a series of easily configurable "dialogue scenarios" with preprogrammed questions and discussion topics; is designed to recognize the responses of chat-room users to tailor its interaction accordingly; compiles a detailed report on every person it meets and submits then to a remote source - the reports contain confidential information that the victim has shared with the bot, which can include the victim's name, contact details and personal photo(s).
The predatory program invites victims to visit a "personal" Web site or blog which could in fact be a fake page used to automatically infect visitors with malware.
To date, CyberLover is predominantly targeting Russian Web sites but PC Tools expects the program could make its way down under very soon.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment