Eerie coincidence, or does bigfoot…er…OS X malware actually exist?
Fraudulent Skype transactions: eerie coincidence, malware, or something else? So, my mom had some real weirdness happen in the past couple of days with Skype and her credit card, and I’m wondering if there’s some sort of new, bleeding-edge malware for OSX out there I’m not aware of, or if it’s just a really crazy coincidence.
(Note: I’m an IT Security Guy, but mostly on the development and network side, so I’m not _as_ current on desktop security and I do almost nothing with Macs – but feel free to go technical on me.)
This is the timeline of the weirdness:
1. Last Thursday afternoon while visiting my mom, I downloaded Skype to her Mac (x86 iMac, OSX 10.5.4), and set her up with an account. The account didn’t have the same username as any of her other online identities, but was tied to the gmail address she uses for most other stuff. Didn’t give them any credit card info or anything else, because she’s just going to be using it for Skype-to-Skype to talk to me. (And I don’t have her credit card info anyway.). After testing it to make sure it works, we closed Skype and didn’t touch it again before we left.
2. Saturday, shortly after we left, she gets a call from CitiBank saying her credit card has been used for ‘high-risk’ transactions, in the form of 3 charges from www.skype.com totalling $10. She calls me, I tell her what info I gave them, that her credit card info was not given to them, etc. She calls them back, tells them the transactions were fraudulent, and they cancel the card, refuse the charges, etc.
3. Sunday morning, she gets an e-mail to her gmail account from Skype telling her that the charges to [some other Skype username] were refused, etc.
So this means that within 48 hours of having downloaded and installed Skype on her computer, somebody else has used her credit card number and e-mail address to sign up for a Skype account. This is, in my mind, slightly beyond coincidental, but the only other thing I can come up with is that her machine is compromised, or her home network (cable modem, wireless, WPA2, average password quality, few neighbors) is comp’ed.
However, I also signed up for a Skype account from my machine on her network, as well as paid bills, logged into my online banking, etc, and my stuff (at last check) was fine, which suggests its not at the network level.
So…is anybody aware of Malware for OSX that’s harvesting info for Skype fraud, or is this just a really bizarre coincidence? Or is there anything else you guys can think of that I’m missing? Does anyone have any suggestions (outside of the normal unixy methods of looking for running processes, open ports, etc) for detecting malware on here machine, if such a thing were out there? I don’t have physical access to her machine now, as we’ve since driven back across 4 states to home, but can do a WebEx or VNC session with her if need be.
(Also, she’s since had the card cancelled and is getting a new one issued, so that’s a non-issue, but I want to make sure this doesn’t happen again.)
Original text: Eerie coincidence, or does bigfoot…er…OS X malware actually exist?
Aussie Credit Cards - Compare offers at Credit Card ApplicationA Bamboo Steamer is available in different sizes and is of circular shape.
Have you ever heard of an InfraWave oven?
The Benefits of Using Wall Mount Rack Unveiled!
Similar Posts: