Trojan imitates Skype, steals login credentials
LATEST NEWS
SUBSCRIBE
Computerworld is New Zealand's only specialised information systems fortnightly. Subscribe now for $100 (23 issues) and save more than 37% off the cover price!
SIGN UP
Once the program is executed, users see a convincing Skype login interface
By Jeremy Kirk | London | Friday, 19 October, 2007
Security analysts are warning of another malicious software program masquerading as an installer file for Skype.
The program sends the victim's Skype credentials, as well as any other logins or passwords stored in Internet Explorer, to another server, writes Villu Arak, a Skype spokesman based in Tallinn, Estonia, on a Skype blog.
Skype, the VoIP (voice over internet protocol) program owned by eBay, is frequently targeted by malware writers because it is widely used. Other attacks have focused on sending links to malware via Skype's chat function as well as worms.
This Trojan horse appears as an installer with Skype's logo and the name "65404-SkypeDefenderSetup.exe." Once the program is executed, users see a convincing Skype login interface, although the graphic for the "sign in" button is different from that of the genuine Skype application.
Login credentials can be entered, but none of the other menu functions work, says Chris Boyd, security research manager for FaceTime Communications. Microsoft's Internet Explorer can locally store passwords as a convenience for users as part of the browser's "autocomplete" function, but it is possible for software to improperly access the information.
The Trojan has been spread through spam as well as through instant-message conversations with a link to the malware, Arak says.
"This piece of malware does not propagate itself," Arak says. "Luckily, because the malware depends on the "human factor" to propagate, it is not widely spread. And we've received only a few complaints in customer support."
One user complained last week on Skype's forum of an infection, adding that his account was subsequently shut down.
"I was stupid," the user wrote. "Please, please help."
MOST POPULAR
- NZ game industry: Govt support for development increasing
- Raspberry Pi arrives in New Zealand
- Video, connection costs major factors in broadband uptake: ComCom
- Spotify launches in New Zealand and Australia today
- NASA on 'brink of a new future' with SpaceX launch
- No more risk to privacy on Facebook, than web: MED
Social Media @Computerworld NZ
Computerworld NZ has now reached LinkedIn! Join to expand your networks and meet others interested in information systems.
