Russians have developed a website that can produce
realistic flirtatious conversation via internet chat to trick the
unwary into giving it sensitive personal data that could be used to
clone that person's identity.
The website, CyberLover.ru, is in Russian, but an English
version may be available in February.
PC Tools, an
Australian anti-virus firm, said CyberLover can hold fully
automated flirtatious conversations with users of chat-rooms and
dating sites to persuade them to share their identity or visit
websites with malicious content.
According to its creators, CyberLover can establish a new
relationship with up to 10 partners in just 30 minutes and its
victims cannot distinguish it from a human being.
Sergei Shevchenko, senior malware analyst at PC Tools, said it
also monitors victims' internet browser activity, automatically
recognises and fills in fields in the web pages, generates
keystrokes and mouse clicks, and posts messages, URLs, files and
photos.
Shevchenko said this software could be the catalyst for a
dangerous new trend in malware evolution. "As a tool that can be
used by hackers to conduct identity fraud, CyberLover demonstrates
an unprecedented level of social engineering," he said. "It employs
highly intelligent and customised dialogue to target users of
social networking systems."
According to PC Tools, CyberLover uses profiles ranging from
"romantic lover" to "sexual predator" in a series of configurable
"dialogue scenarios" with pre-programmed questions and discussion
topics. It recognises the responses of chat-room users and tailors
its interaction accordingly.
It also compiles a detailed report on every person it meets and
submits them to a remote source. These contain confidential
information that the victim has shared with the bot. It may also
invite victims to visit a "personal website" or blog this could be
a fake page that could infect visitors with malware.