
Malware researchers investigating a Trojan linked in a gaming forum as a how-to video for Diablo III got a surprise when the hacker started chatting with them -- through a feature in the malware. Franklin Zhao & Jason Zhou of antivirus company AVG were looking for keylogging code in the malware with a debugger after downloading it to a virtual machine when a chat box popped up. The hacker asked, in Chinese, "What are you doing? Why are you researching my Trojan?"
The malware gave the hacker the ability to monitor the victim's screen, mouse, and keyboard input. It also provided access to other devices. The hacker apparently was online when the two researchers started poking around his code, and he decided to intervene. "I would like to see your face, but what a pity you don't have a camera," he typed to the researchers, as they tried to engage him in conversation. Eventually, he tired of the cat-and-mouse game and remotely shut down their virtual machine.
"Regarding this malware, no Diablo III key logging code was captured. What it really wants to steal is dial-up connection's username and password."
Someone's still in the 1990s. I'm not sure if it's the authors of the original AVG blog post or the people of Taiwan.
Lots of the world (including Canada) still uses PPPoE on broadband, complete with PAP name/password pairs. Routers these days implement PPPoE for you and broadband installers program the router for you, so it's possible for end users to be unaware of what that name/password is.
Granted, those stolen name/password pairs work only if you're physically in the same service area as your victim, and paying for a DSL line (not necessarily yours).
Or want access to those accounts' known-good default email accounts, based on common email + password PPPoE login conventions.
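The PPPoE point in the comments above is that broadband PAP logins are ordinary name/password pairs, and PAP sends them unencrypted inside the PPPoE session. Below is an added Python example (not from the AVG post or from anyone in the thread) that builds a constructed Ethernet/PPPoE/PPP/PAP Authenticate-Request frame and parses it back out, the kind of check a defender would run over a capture to confirm whether a link still authenticates with cleartext PAP. The MAC addresses, session id, and the `user@isp.example` / `hunter2` credentials are constructed sample values; the header layouts follow RFC 2516 (PPPoE) and RFC 1334 (PAP).

```python
import struct

ETHERTYPE_PPPOE_SESSION = 0x8864   # PPPoE session stage (RFC 2516)
PPP_PROTO_PAP = 0xC023             # PPP protocol number for PAP (RFC 1334)
PPP_PROTO_CHAP = 0xC223            # CHAP, shown only as a non-PAP contrast
PAP_AUTHENTICATE_REQUEST = 1


def build_frame(peer_id: bytes, password: bytes, session_id=0x0001,
                ident=1, proto=PPP_PROTO_PAP) -> bytes:
    """Construct a sample frame carrying a PAP Authenticate-Request.

    Constructed test data: MACs, session id and credentials are made up.
    Over PPPoE the PPP payload starts directly with the 2-byte protocol field
    (no HDLC address/control bytes), per RFC 2516.
    """
    pap_body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    pap = struct.pack("!BBH", PAP_AUTHENTICATE_REQUEST, ident, 4 + len(pap_body)) + pap_body
    ppp = struct.pack("!H", proto) + pap
    # PPPoE header: version/type 0x11, code 0x00 (session data), session id, payload length
    pppoe = struct.pack("!BBHH", 0x11, 0x00, session_id, len(ppp)) + ppp
    eth = (b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb"
           + struct.pack("!H", ETHERTYPE_PPPOE_SESSION))
    return eth + pppoe


def extract_pap_credentials(frame: bytes):
    """Return (session_id, peer_id, password) for a PAP Authenticate-Request, else None.

    Every length field is checked against the bytes actually present so a
    truncated or malformed frame yields None instead of an exception.
    """
    if len(frame) < 14:
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_PPPOE_SESSION:
        return None
    p = frame[14:]
    if len(p) < 6:
        return None
    vertype, code, session_id, length = struct.unpack("!BBHH", p[:6])
    if vertype != 0x11 or code != 0x00:
        return None
    payload = p[6:6 + length]
    if len(payload) < length or len(payload) < 2:
        return None
    if struct.unpack("!H", payload[:2])[0] != PPP_PROTO_PAP:
        return None
    pap = payload[2:]
    if len(pap) < 4:
        return None
    pcode, _ident, plen = struct.unpack("!BBH", pap[:4])
    if pcode != PAP_AUTHENTICATE_REQUEST or plen > len(pap) or plen < 6:
        return None
    body = pap[4:plen]
    idlen = body[0]
    if len(body) < 1 + idlen + 1:
        return None
    peer_id = body[1:1 + idlen]
    pwlen = body[1 + idlen]
    if len(body) < 2 + idlen + pwlen:
        return None
    password = body[2 + idlen:2 + idlen + pwlen]
    return session_id, peer_id.decode("latin-1"), password.decode("latin-1")


def audit_frames(frames):
    """Scan a sequence of raw frames and collect every cleartext PAP login found."""
    return [hit for hit in (extract_pap_credentials(f) for f in frames) if hit is not None]


if __name__ == "__main__":
    sample = [build_frame(b"user@isp.example", b"hunter2"),
              build_frame(b"other", b"pw", proto=PPP_PROTO_CHAP),   # CHAP: not reported
              b"\x00" * 20]                                          # junk: not reported
    for session, user, pw in audit_frames(sample):
        print(f"session {session:#06x}: PAP login {user!r} with cleartext password ({len(pw)} chars)")
```

The parser deliberately reports CHAP frames as `None`: CHAP carries a challenge/response rather than the password itself, so a capture showing only CHAP (or a link moved to something stronger) is the outcome an audit is looking for.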
Almost positive this has to be on topic, but incapable of proving it: LEGO Turing Machine