As predicted here is the first Skype worm on the loose...
My eagle eyes all over the world just reported this. I was waiting for stuff like this to happen and this is only the beginning of a probably very serious problem. I think the worst thing that could happen is that some worm is being created that will take down the widely spread p2p (super)nodes or something that will cause latency on the call. But anyways, that is just a thought. Here goes the current problem: « Skype Worm Breaks Out in APAC. By Stephen Withers. Tuesday, 19 December 2006. Symantec and Websense have warned Skype users of a new worm that spreads itself via Skype text messages.
Dubbed Chatosky by Symantec, the cycle starts with a Skype user receiving a message offering a file called sp.exe. According to Websense's preliminary analysis, when that file is run it installs a password-stealing Trojan and propagates itself via Skype. The malware also tries to connect to a now-disabled remote server to collect additional code.
Websense says the original infections appear to be in the Asia Pacific region, especially Korea. CA's, Sophos' and McAfee's security sites had no information about this worm at the time of writing.»
source : http://www.itwire.com.au/content/view/8198/53/
«Computer security analysts are studying reports of a worm that may be circulating via a feature in Skype Ltd.'s popular VoIP (voice over Internet protocol) service. Security vendor Websense Inc. said the worm spreads through Skype's chat feature. Users receive a message asking them to download a file called "sp.exe." The executable is a Trojan horse that can steal passwords. If a user runs the Trojan it triggers another set of code to spread itself.
The first infected PCs appeared in the Asia-Pacific region, particularly in Korea, Websense reported on its blog on Tuesday. It said it was still investigating the issue.
Not all security experts were in agreement, however. F-Secure Corp. received a sample of the worm and determined that it did not, in fact, target Skype, said Mikko Hypponen, chief research officer. "What's clear is, there's no massive worm outbreak with Skype at the moment," Hypponen said. "We are following the situation."
The SANS Internet Storm Center said it was "hearing some details of a new worm spreading via Skype IM" and asked for more information in a posting on its site. Websense said the executable appears to be encrypted with NTKrnl Secure Suite Packer, a polymorphic encryption program that makes files look unique to different detection engines. The original site that hosted the code is not serving it any more, Websense said.» source.
Worm may be spreading via Skype chat - Computerworld - 1 hour ago
Computer worm attacks business PCs - USA Today - 18 Dec 2006
I like it.
I don't like it.
Recent Comments