Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Skype Is Most Used Messaging Service For Cyber Criminals, Study Finds (securityledger.com)

Posted by BeauHD on from the privacy-isn't-everything dept.

chicksdaddy quotes a report from The Security Ledger: Cyber criminals lurk in the dark recesses of the internet, striking at random and then disappearing into the virtual ether. But when they want to talk shop with their colleagues, they turn to Redmond, Washington-based Microsoft and its Skype communications tools, according to an analysis by the firm Flashpoint. Mentions of different platforms were used as a proxy for gauging interest in and use of these messaging services. Flashpoint analysts looked, especially, for invitations to continue conversation outside of cyber criminal marketplaces, like references to ICQ accounts or other platforms. The survey results show that, out of a population of around 80 instant messenger platforms and protocols, a short list of just five platforms accounts for between 80% and 90% of all mentions within the cyber underground. Of those, Microsoft's Skype was the chat king. It ranked among the top five platforms across all language groups. That, despite the platform's lack of end-to-end encryption or forward secrecy features and evidence, courtesy of NSA hacker Edward Snowden, that U.S. spies may have snooped on Skype video calls in recent years, The Security Ledger reports. The conclusion: while security is a priority amongst thieves, it isn't the sole concern that cyber criminals and their associates have. In fact, sophisticated hacking communities like those in Russia to continue to rely on legacy platforms like ICQ when provably more secure alternatives exist. The reason? Business. "These cyber criminals have a lot of different options that they're juggling and a lot of factors that weigh on their options," said Leroy Terrelonge III, the Director of Middle East and Africa Research at Flashpoint. "We might suspect that cyber criminals use the most secure means of communication all the time, that's not what our research showed."

57 comments

  1. Microsoft's fault by computational+super · · Score: 5, Insightful

    That never happened before Microsoft bought it.

    --
    Proud neuron in the Slashdot hivemind since 2002.
    1. Re:Microsoft's fault by Anonymous Coward · · Score: 0

      Well duh; all those cyber criminals at Microsoft started using it trick people into giving them money for that Windows 10 bait-and-switch scam.

    2. Re:Microsoft's fault by Anonymous Coward · · Score: 0

      skype is the app of its kind most likely to be on the victim's computer -- especially since microsoft bought it and it's been preinstalled with every version of windows released since.

      and speaking fo windows 10 bullshit. i just had not one, but TWO windows 8/8.1 systems, that force-fed me the windows update-delivered windows 10 upgrade.. TODAY, *eight months* after that offer, and delivery mechanism for it, was supposed to end. one had the offer repeatedly rejected during the 'free' period and had not seen a peep out of windows 10 notices since late last summer, the other was force-fed windows 10 a month ago out of the blue, too, and was reverted back at that time. this is a really good sales pitch -- for ditching windows and going chromebook (these two computers are essentially windows 8 equivalents of them.. slow, cheap and basic) or ipad instead.

    3. Re:Microsoft's fault by Anonymous Coward · · Score: 0

      Choosing to run Windows 8 is a crime all of its own.

  2. And all this time by kd8bny · · Score: 2

    ....I thought it was IRC. My whole life is a lie

    1. Re:And all this time by Areyoukiddingme · · Score: 1

      And all this time I thought it was IRC. My whole life is a lie

      The article mentions a top five, then doesn't actually enumerate the top five. Piss poor reporting. IRC is probably in there, though it is never once mentioned in the article.

      This is why we don't read the damn articles. They're useless.

  3. Skype most used for $RANDOM_GROUP_OF_PEOPLE by Anonymous Coward · · Score: 1

    I guess I don't really see the significance here.

  4. Generic term? by petes_PoV · · Score: 1

    Did it occur to the surveyors that people might use the term generically for any sort of voice / face based communication. Just like people talk about "googling" instead of searching for something - or say "the wifi" when they mean "the internet"?

    --
    politicians are like babies' nappies: they should both be changed regularly and for the same reasons
    1. Re:Generic term? by Scarred+Intellect · · Score: 2

      Or maybe all those references to Skype were to simply say "Don't use Skype." or "Using Skype will get you caught."

      Now, to throw off researches pointed at Slashdot: AIM, AIM, AIM, AIM AOL Instant Messenger, AIM AOL Instant Massanger, MSN Messenger, AIMI!!LOL!!11

    2. Re:Generic term? by Anonymous Coward · · Score: 0

      Yeah, the article title begs the question, in most people's minds. "How did they know that?" "Oh, it's not actually encrypted because they have the key?" "Oh sh**, they know where my stash is!" :-P

      Of course, I already knew this back when they were scanning URLs (it was merely suspected until confirmed at that time).

      Oh look, captcha is "tattoo". Appropriate considering the gang references.

    3. Re:Generic term? by rtb61 · · Score: 1

      Funny I thought the most used communication method for cyber criminals ('guilty of crime' https://www.merriam-webster.co...) was shouting to each other from between the bars of their cells. Now when it comes to amateurs and script kiddies, yeah, the use the easiest and most accessible method, what ever is the most popular communications fad at that time.

      When it comes to the actually adept cyber criminals there preferred communication method is, well, how the fuck would I know, I am not a cyber criminal. If they are good at what they do, only they know the best communication methods, spy all you want, you will see nothing. As a rule of thumb though, sharing ideas is a lot safer than sharing plots and schemes.

      --
      Chaos - everything, everywhere, everywhen
    4. Re:Generic term? by sound+vision · · Score: 1

      MSN messenger is actually dead. AIM might be too, I'm not sure. MSN users in the United States were actually migrated to Skype. You might still be able to connect to some server somewhere, but Microsoft hasn't published a client for MSN in many years. 2009, I think.

    5. Re:Generic term? by mSparks43 · · Score: 1

      pretty much exactly my thought.

      skype gets mentioned a lot. either for using it to hack a victims computer or to warn people their conversations go straight to the google/NSA processing centers.

      But never seen referals to carry a converstion on there.

  5. Where is the drama ? by Anonymous Coward · · Score: 0

    Where are the calls to ban Skype because of the potential for criminal use ?

    Where are the calls to put in backdoors so Law Enforcement can have access to everything ?

    The former makes no more sense than banning encryption and the latter is laughable because: Microsoft already backdoors it ( no real secret that ).

    1. Re:Where is the drama ? by GrumpySteen · · Score: 1

      Where are the calls to put in backdoors so Law Enforcement can have access to everything ?

      Are you kidding? The FBI has been calling for backdoors to all encryption for more than ten years and Comey was still asking for them last August. They've never stopped.

    2. Re:Where is the drama ? by sexconker · · Score: 2

      Skype was broken and completely insecure when MS bought it.
      The first thing MS did was give Uncle Sam complete and direct backdoor access to every single Skype call.

      And no, they haven't gotten around to fixing the unintentional security holes.

    3. Re:Where is the drama ? by cavreader · · Score: 1

      "They've never stopped" They also never got what they wanted either and there is no evidence they will ever get what they are asking for.

    4. Re:Where is the drama ? by Anonymous Coward · · Score: 0

      Just yesterday I was wondering why the skype.exe on my work PC was consuming 300 megabytes of RAM just for the textual chats with my team. For a chat client which consumes 300MB there must be a bug or two for criminals to exploit.

  6. I just Learned... by Anonymous Coward · · Score: 0

    ... that ICQ is still a thing...

    1. Re: I just Learned... by Anonymous Coward · · Score: 0

      yep it still is, and easy to use pidgin + otr for perfect forward secrecy (like most networks, excluding skype).

  7. KRIMZ gotta BE KRIMZ! by Anonymous Coward · · Score: 0

    Once a krook, alwayz a krook!

  8. Doritos are Most Eaten Snack by Cyber Criminals, by Anonymous Coward · · Score: 0

    Study Finds

  9. Trojans are Most Used Condom For Cyber Criminals by Anonymous Coward · · Score: 1

    Study also Finds

  10. Study: criminals use common tools! by Gravis+Zero · · Score: 4, Insightful

    Is it just me or do criminals use the same tools as most other people? I'm not talking about people who know what's what, I just mean people.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:Study: criminals use common tools! by thegarbz · · Score: 2

      100% of criminals carry out their work by oxygenating their blood using a commonly available gas. We should ban oxygen and that would prevent criminals from performing their work.

    2. Re:Study: criminals use common tools! by Anonymous Coward · · Score: 0

      A vast majority of criminals have also been found to drink DHMO (Dihydrogen Monoxide) as a performance enhancer. Contact your congressman to help ban this substance!!! http://dhmo.org/facts.html

    3. Re:Study: criminals use common tools! by snookiex · · Score: 1

      Well, I, for one, am all for banning Skype.

      --
      Open Source Network Inventory for the masses! Kuwaiba
  11. skype is terrible since the takeover by ozduo · · Score: 1

    anyone heard of “wire” an app by the skype inventor appwhich encrypts conversations https://wire.com/en/

    --
    I got to the chocolate box before you, that's why the hard ones have teeth marks.
  12. Pink Boxers are Most Worn Undies by Anonymous Coward · · Score: 0

    by Cyber Criminals, Study Finds

  13. In other news... by Sloppy · · Score: 1

    In other news, Los Angeles streets are the streets that Los Angeles criminals prefer to drive on.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  14. Makes sense by OneHundredAndTen · · Score: 1, Informative

    After all, it is owned by an organization that has been found guilty of criminal behavior in a court of law.

    1. Re:Makes sense by Frosty+Piss · · Score: 0

      After all, it is owned by an organization that has been found guilty of criminal behavior in a court of law.

      Rubbish.

      --
      If you want news from today, you have to come back tomorrow.
    2. Re:Makes sense by sconeu · · Score: 1

      Actually, MS *WAS* found guilty in the anti-trust suit. The penalty phase was overturned.

      --
      General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    3. Re: Makes sense by Anonymous Coward · · Score: 0

      Ok, so how does it "make sense" that it follows that cyber criminals would use the same tool?

    4. Re: Makes sense by Anonymous Coward · · Score: 0

      Relax, buddy. Can't you see it is fun to stick it to the man?

  15. That they know of by Anonymous Coward · · Score: 1

    That they know of.

  16. and they drive land cruisers and use bic pens by Anonymous Coward · · Score: 0

    how is this relevant ?

  17. Most Criminals aren't on the NSA's radar by jader3rd · · Score: 1

    I also suspect that given how the NSA is soley focused on American national security, that if you're not doing anything to endanger that, the NSA isn't interested in you. And most crimes don't effect American national security.

  18. Microsoft == Terrorist by Anonymous Coward · · Score: 0

    The NSA amd CIA need to infiltrate this organization. The when they hve planted their own keys into all microsoft products the world will be safe.

  19. Skype is less secure since Microsoft bought it... by Anonymous Coward · · Score: 0

    Skype is less secure since Microsoft bought it because they own all the super nodes now.

  20. And by Anonymous Coward · · Score: 1

    ... Most-Used Messaging Service For Cyber-Criminals ...

    Next; the four-door car is the most-used vehicle for thieves. News at eleven.

    I imagine Skype has a lot of hangers-on because everyone else is using it. This is just a consequence of the winner-takes-all rules for cyber-space.

  21. Re:Skype is less secure since Microsoft bought it. by Anonymous Coward · · Score: 1

    (they got rid of the p2p super nodes and replaced them with microsoft servers)

  22. Cyber Criminals? by n329619 · · Score: 2

    That's not a nice way to accuse my little sister of doing something weird on skype. I'm sure she's a nice person. I mean every times I get a ransom ware popup, she kindly told me to pay in full.

    I do wonder where she got her car though...

  23. Where else? by Anonymous Coward · · Score: 0

    Politicians use Skype too

  24. adding to the noise by Anonymous Coward · · Score: 0

    whether those using these services are thinking about security there is a lot to talking in a crowded area it can drown out unless they are already known and its much less suspicious.

  25. Historically Secure by Jezral · · Score: 2

    Skype used to be end-to-end encrypted and it caused police a lot of problems. Maybe criminal groups are just slow to move to a new service since everyone got established on Skype when it was secure, and the removal of encryption isn't exactly something Microsoft has put in a press release.

  26. That's it by Anonymous Coward · · Score: 1

    ban skype and all platforms it runs on, just like banning laptops and water bottles on planes.

  27. At least we know what the average age group is... by TheOuterLinux · · Score: 2

    Seriously though, only a millenial would be that dumb. This same demographic probably meets people on Facebook and texts with WhatsApp too. Do humans have so little problems anymore that rather than being a fearless young person, they choose not to care about privacy instead? That's my theory anyway.

  28. Skype is uniquely bad by 140Mandak262Jamuna · · Score: 2
    Skype was popular among people who wanted to save international calling rates, who were willing to put up with bad quality to save money. This company would never have made money. The moment they charge anything more than 5$ a year, its subscribers would flee to other services. There is no real switching costs and all its users and cheapstakes. Selling it as a business solution where even the rake rate of international calls (like 2$ per minute) is a small fraction of the hourly rate of the people on the conference call is just plain dumb.

    With unlimited voice and text in cell phones for domestic calls and dirt cheap land lines, it boggles my mind our company decided to "save" costs by moving to skype. Our company had been using webex with reasonable levels of robustness, reliability and quality for quite some time. Then some ex Microsoft C?O showed up and suddenly they decided to "cut costs" by moving from Webex to Skype for all our teleconferencing needs.

    There are so many problems, even people who swear by Microsoft and are fans of that company are put off by it. Randomly drops calls, suddenly drops the microphone, can not find the microphone ... Even the very first "intro to skype" was a disaster, it died half way through... We are falling back to the free Google hangouts,.

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
    1. Re:Skype is uniquely bad by Anonymous Coward · · Score: 0

      What are you even talking about? Skype for Business (which used to be Microsoft Lync) or "plain" legacy Skype known to home users?

      I suspect you talk about Skype for Business while the article talks about plain Skype. Thus, you completely missed the point by posting such hearsay and anecdotal evidence of Skype(for Business)'s badness.

  29. ICQ? by Danathar · · Score: 1

    That still exists?

  30. Rubbish by joboss · · Score: 1

    Pretty sure it's IRC :D

  31. Quick tell Zuckerberg.... by Anonymous Coward · · Score: 0

    Well, clearly Microsoft must do something to censor the content on Skype. After all, we can't allow criminals to make undesirable messages and calls on Skype. /sarcasm

    I keep hearing crap like this lately, and with stories like this clickbait, I'm going to continue hearing it. Sadly, you can't explain to these sheep why implementing mass-censorship of communications media is a bad thing for society, or why even if it was a good thing (it's not but for the sake of argument), it's near impossible to implement without an AI. In addition don't bother trying to explaining to them why they won't be the person deciding what gets blocked vs. what gets allowed. After all, they know they will be, or if not, the person who is will always agree with them.

  32. ICQ??? by sabbede · · Score: 1

    Last time I used it was in 1997. It's still around? And in use?? By Russians???

    1. Re:ICQ??? by squiggleslash · · Score: 2

      You're surprised? Geez, I thought everyone knew that users 36915037, 2678435, and 6 were still using ICQ!

      --
      You are not alone. This is not normal. None of this is normal.
    2. Re:ICQ??? by sabbede · · Score: 1

      I overslept this morning and am way too foggy to think of a response even a fraction as funny as yours. So instead I'll say this - that was f'ing hilarious!!

  33. Re:At least we know what the average age group is. by TheOuterLinux · · Score: 1

    *millennial