Skip to main content

Criminals hijack top social meeting app names

(Image credit: Photo Credit: andriano.cz/Shutterstock)

Some of the biggest communications and collaboration tools are having their likenesses hacked by criminals, new research has claimed.

According to Kaspersky, there are roughly 1,300 applications out there with names almost identical to Skype, Zoom, Slack or Webex.

Developers are using this perfidious tactic to try and pass their own work as something else, hoping the vast masses of first-time home office workers wouldn't be able to tell the difference.

That wouldn't be that big of a deal, if hackers and cybercriminals weren't abusing the crowded applications space to distribute malware as well.

Kaspersky found that out of the 1,300 files that they analysed, 200 of them were “threats”, meaning they were most likely malware, RATs (Remote Access Trojan), ransomware, keyloggers or similar sinister codes.

Kaspersky says that two adware families dominated its analysis - DealPly and DownloadSponsor. Most of the times, criminals are passing their code under Skype’s name. Kaspersky managed to find 120,000 various suspicious files using this name.

“To be clear: it doesn’t look like there is a dramatic spike in the number of attacks or number of files that are disguised as popular social meeting apps. The actual numbers of these files that we are seeing in the wild are quite moderate. They are not moderate when it comes to Skype, but this application, due to its popularity, has traditionally been a target for cyberthreat actors for many years,” said Denis Parinov, security expert at Kaspersky.

“At the same time, we consider it important to let people know about the existence of such threats. In the current landscape, when most of us are working from home, it is extremely important to make sure that what we use as a tool for online social meeting is downloaded from a legitimate source, set up properly and doesn’t have severe unpatched vulnerabilities.”