- Related Stories
-
Trojan horse targets Skype users
March 23, 2007 -
Net pioneer predicts overwhelming botnet surge
January 29, 2007 -
What threats does Skype face?
January 2, 2007
The worm, dubbed Pykse.A, is similar to threats that affect instant-messaging applications. A targeted Skype user will receive a chat message with text and a Web link that looks like it goes to a JPEG file on a Web site, F-Secure said on its Web site.
Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype user's list and will show a picture of a scantily clad woman, F-Secure said. In addition, it sets the user's Skype status message to "Do Not Disturb," the security firm said.
Pykse also visits a number of Web sites that don't host any malicious code and a site that appears to count infected machines, F-Secure said. The Finnish security company doesn't list any particular malicious payload for Pykse other than it spreading and visiting Web sites. The IM worm affects Skype users running Windows.
Such threats for Skype aren't new. Last month, miscreants adapted the Warezov Trojan horse to target Skype users. This threat also arrived with a Web link sent in a Skype chat message. Clicking on the link would result in a PC being at the beck and call of the attacker and the Trojan horse sending messages to the victim's Skype contacts.
In February, attackers also targeted Skype users with another Trojan horse that had propagation capabilities.
Skype has acknowledged in the past that its instant-messaging feature could be used for nefarious purposes just like any other IM service. Kurt Sauer, Skype's chief security officer, repeated that acknowledgment on Monday in a statement sent by the company's public relations agency.
"Harmful viruses and Trojan horses may damage a user's computer and collect private data, regardless of whether a person is using Skype, e-mail or other IM clients," Sauer said in the statement. "Skype strongly recommends that users take extra caution in general when asked to open attachments or links from unknown people, or suspicious-looking attachments even from people you know."
Skype also recommends using antivirus software to check the files received from other people.
- More from News.com on this story's topics
Security threats
Viruses and worms
Security
eBay
See more CNET content tagged:
Skype,
Kurt Sauer,
F-Secure Corp.,
IM,
worm
- Does this affect ALL Skype users or just PC Skype users?
- Judging by the name, I'm guessing it only infects Windows users of Skype. http://www.f-secure.com/v-descs/im-worm_w32_pykse_a.shtml
- Reply to this comment
- Just to be picky,
- A "Trojan horse that had propagation capabilities", is more properly called a Worm (with multiple infection vectors). 8-)
- Reply to this comment
- Again, no list of affected OS's.
- There is no mention of which operating systems are susceptible to this malware, and this is a serious disservice to your readers. Take our case: After 15 years, we are spending a good deal of money switching our business entirely to Intel Mac's, primarily for security reasons, though usability is also improved. We run a small number of PC-only programs (flawlessly) in virtual machines on our Macs at the same time as running OS X. The PC side of the Mac does not have email and is limited to only a few IP addresses on the net. We do not currently use any antivirus protection for the PC or the Mac sides. Incidentally, we do sophisticated software, firmware and hardware for robotics education and research. (No battle bots or hobby work products) and we have been dealing with the horrors or Microsoft internals for many years. Their operating systems are houses of cards, and they continue to be so because Microsoft's monopoly position (threatened by the Clinton administration but then predictably left virtually untouched by Bush) allows them to get away with it. Your news organization should not be part of this silence. It may be that reporters or news outlets are somehow being intimidated by Microsoft's legal clout so that no mention is made that these are windows problems. (At least I expect they are. Certainly, if these were OS X or Linux problems they would be generating a different kind of story altogether.) But whether the omission is from fear or laxity or some other source, it is a glaring omission all the same. I think you have to decide whether you are reporters or shills.
- Reply to this comment
- Don't Trust Your Friends
- Sauer's advice about only trusting content from your friends doesn't hold water, because as the article states the worm sends the bad link to all the victim's contacts. You would think by now these guys would have a clue. This is the same crappy advice that Microsloth keeps dishing out. The advice should be, "Don't trust strangers and don't trust your friends. Better yet, don't use our crappy insecure product." "Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype user's list..."
- Reply to this comment
- Windows Only
- From the F-Secure website, only "32-bit versions of Microsoft Windows" are affected. (This is what their "Platform: W32" designation means.)
- Reply to this comment
- Sure, let's believe F-secure
- Each of these so-called security companies has a vested interest in reporting the next new Worm, Trojan or malicious exploit. A press release features their efforts and everyone is urged to update their security software. At the root of all this hype are basic security practices: Don't answer anything from a stranger, don't click on random chat links and don't buy into F-secure's hype.
- Reply to this comment
... or log in manually to your email client and click the link in our email. Once you have confirmed your registration, please log in.
Click to Save up to $300/yr on calls