We've seen the reports on popular news programs and talk shows for years -- (cue Geraldo voice) men who pose as chivalrous mates to vulnerable women only to end up taking off with their savings, leaving a trail of broken hearts and emptied bank accounts in their wake.
Apparently, malware posing itself as a man has finally caught up to the real deal.
According to a report issued by AV software maker PC Tools, a new program has appeared in online dating chat rooms in Russia that advertises itself as an attractive male romance candidate, flirts with available females, and attempts to trick those ladies (and men?) who fall for its lecherous ploys into handing over their personal data. Dubbed by the firm as "CyberLover," PC Tools researchers claim that the program can conduct "fully automated flirtatious conversations" before trying to lure people into handing over their details, or tricking them to visit malware-infested Web sites. Based on the company's research into the program's authors, the researchers said that CyberLover is capable of building new relationships with up to ten partners in only 30 minutes (can any real man match that?). The malware code writers claim of course that victims of the threat can't begin to distinguish the program it from a human being. Beyond that, PC Tools submits that CyberLover represents a new breed of malicious program that can truly mimic human behavior during online interactions to carry out their nefarious schemes, one that the company said could become increasingly popular. "As a tool that can be used by hackers to conduct identity fraud, CyberLover demonstrates an unprecedented level of social engineering," Sergei Shevchenko, senior malware analyst at PC Tools, said in a research note on the threat. "It employs highly intelligent and customized dialogue to target users of social networking systems."
Part of the danger of the automated lover is that it is "designed as a bot [robot] that lures victims automatically, without human intervention," the expert maintains. The CyberLover software can also cloak itself in a number of personality types, including "romantic lover" to "sexual predator," PC Tools said. Something tells me that the romantic lover iteration just might catch a few more flies than the one advertising itself as a sexual predator… but you just never know online, do you? The program is also pre-programmed with a range of "dialogue scenarios" that involve different types of questions and discussion topics to be aimed at potential victims. The threat was designed specifically to recognize certain likely responses from chat-room users to further tailor its subsequent interactions, the researchers said. I wonder how it responds to expressions like "what are you wearing," "how much money do you make," or the time-honored "leave me alone you predictable jerk." PC Tools said that the attack also compiles a report on each person it interacts with which it funnels back to a remote source for safekeeping. The report can include information such as a victim's name, contact details and photo. As part of its attack, CyberLover invites potential victims to visit its personal Web site or blog, which -- surprise, most often holds a nice drive-by malware infection for anyone gullible enough to end up there.
The lesson of the story is -- never trust what men tell you online. Either that or -- if he seems to good to be true he probably is (a malware program). Or how about -- try interacting with real humans, it just might be safer than trying to deal with them over the Web. Maybe. PC Tools predicts that CyberLover will wash up on U.S. shores by early 2008. Keep a nose out for the smell of cheap cologne.
Monday, December 17, 2007