The Tech Herald

Breaking: Symantec discovers Trojan targeting Skype users

by Steve Ragan - Aug 28 2009, 04:46

Early this evening, Symantec issued an advisory that they have discovered the availability of source code for a Trojan that targets Skype users. The Trojan, once installed on a system, has the ability to record conversations in progress, and transmit the recording to a third party.

The Trojan is being called Trojan.Peskyspy, and can be delivered in any number of ways, including email links and social engineering attacks, where a user is tricked into downloading and installing an application.

The Trojan is targeting Windows API hooks, a technique used to alter the planned behavior of an application, which Microsoft has intended to be used by audio applications. The Trojan compromises the machine and then through the hooking technique is able to eavesdrop on a conversation before it even reaches Skype, or any other audio application.

Once a machine has been compromised, the Skype Trojan can use an application that handles audio processing within a computer and save the call data as an MP3 file. This MP3 is then sent over the Internet to a predefined server where the attacker can then listen to the recorded conversations. The MP3 is stored locally and encrypted before it is sent off.

“Recording the call as an MP3 keeps the size of the audio files low and means there is less data to be transferred over the network, helping to speed up the transfer and avoid detection,” Symantec said in their alert.

Presently, Symantec is calling the risk posed by this threat quite low, as they have not seen any evidence of compiled versions of the Trojan moving around online.

However, because the source code is publicly available, Malware authors can incorporate this type of functionality into their own malicious code. As a precaution, since there is no hard mitigation for the Trojan’s abilities aside from uninstalling Skype, Symantec says users should follow security best practices, install and keep up-to-date security software, and not click on links in suspicious e-mails.

In a semi-related story, since the Skype Trojan could be linked to Phishing scams, this alert comes in the same week that Symantec declared the start of Phishing Season.

With summer ending, Symantec said that they expect to see an increase in overall Phishing activity over the coming months.

“The number of Phishing attacks we observe tends to follow a natural pattern of high and low points, with the high points often occurring in the latter half of the year,” a company spokesperson said.

As more information on the Skype Trojan emerges, we will update this article.

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

NBA All-Star LeBron James Teams with Kia

NBA All-Star LeBron James has signed a deal with Kia to be the company’s first luxury ambass...

Classic Car Buying Guide: Hillman Super Minx

What to look for when buying a Classic Car: We use The Hillman Super Minx as an example What...

A Guy Let His Wife Loose With A Sharpie On His Car. What She Did Will Blow Your Mind.

This guy let his wife loose with a sharpie on his Nissan Skyline R33 GTR — and the result is...

2015 Nissan Armada Prices

Nissan has released pricing details for the 2015 Nissan Armada in the US. The 2015 Nissan Ar...

Aquaplaning Danger Highlighted in Video

This UK video highlights the dangers of aquaplaning. When you drive your car over some sitti...