Get three services for $100/mo
- Related Stories
-
Trojan horse targets Skype users
March 23, 2007 -
Net pioneer predicts overwhelming botnet surge
January 29, 2007 -
What threats does Skype face?
January 2, 2007
The worm, dubbed Pykse.A, is similar to threats that affect instant-messaging applications. A targeted Skype user will receive a chat message with text and a Web link that looks like it goes to a JPEG file on a Web site, F-Secure said on its Web site.
Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype user's list and will show a picture of a scantily clad woman, F-Secure said. In addition, it sets the user's Skype status message to "Do Not Disturb," the security firm said.
Pykse also visits a number of Web sites that don't host any malicious code and a site that appears to count infected machines, F-Secure said. The Finnish security company doesn't list any particular malicious payload for Pykse other than it spreading and visiting Web sites. The IM worm affects Skype users running Windows.
Such threats for Skype aren't new. Last month, miscreants adapted the Warezov Trojan horse to target Skype users. This threat also arrived with a Web link sent in a Skype chat message. Clicking on the link would result in a PC being at the beck and call of the attacker and the Trojan horse sending messages to the victim's Skype contacts.
In February, attackers also targeted Skype users with another Trojan horse that had propagation capabilities.
Skype has acknowledged in the past that its instant-messaging feature could be used for nefarious purposes just like any other IM service. Kurt Sauer, Skype's chief security officer, repeated that acknowledgment on Monday in a statement sent by the company's public relations agency.
"Harmful viruses and Trojan horses may damage a user's computer and collect private data, regardless of whether a person is using Skype, e-mail or other IM clients," Sauer said in the statement. "Skype strongly recommends that users take extra caution in general when asked to open attachments or links from unknown people, or suspicious-looking attachments even from people you know."
Skype also recommends using antivirus software to check the files received from other people.
See more CNET content tagged:
Skype,
Kurt Sauer,
F-Secure Corp.,
IM,
worm
Skype.
http://www.f-secure.com/v-descs/im-worm_w32_pykse_a.shtml
to this malware, and this is a serious disservice to your readers.
Take our case: After 15 years, we are spending a good deal of
money switching our business entirely to Intel Mac's, primarily
for security reasons, though usability is also improved. We run a
small number of PC-only programs (flawlessly) in virtual
machines on our Macs at the same time as running OS X. The PC
side of the Mac does not have email and is limited to only a few
IP addresses on the net. We do not currently use any antivirus
protection for the PC or the Mac sides.
Incidentally, we do sophisticated software, firmware and
hardware for robotics education and research. (No battle bots or
hobby work products) and we have been dealing with the
horrors or Microsoft internals for many years. Their operating
systems are houses of cards, and they continue to be so because
Microsoft's monopoly position (threatened by the Clinton
administration but then predictably left virtually untouched by
Bush) allows them to get away with it.
Your news organization should not be part of this silence.
It may be that reporters or news outlets are somehow being
intimidated by Microsoft's legal clout so that no mention is made
that these are windows problems. (At least I expect they are.
Certainly, if these were OS X or Linux problems they would be
generating a different kind of story altogether.) But whether the
omission is from fear or laxity or some other source, it is a
glaring omission all the same.
I think you have to decide whether you are reporters or shills.
"Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype user's list..."
Windows" are affected. (This is what their "Platform: W32"
designation means.)