New IM worm targets Skype users

17 April 2007 10:22 AM

A new instant-messaging pest that spreads using the chat feature in Skype has surfaced, security firm F-Secure warned Monday.

The worm, dubbed Pykse.A, is similar to threats that affect instant-messaging applications. A targeted Skype user will receive a chat message with text and a Web link that looks like it goes to a JPEG file on a Web site, F-Secure said on its Web site.

Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype user's list and will show a picture of a scantily clad woman, F-Secure said. In addition, it sets the user's Skype status message to "Do Not Disturb," the security firm said.

Pykse also visits a number of Web sites that don't host any malicious code and a site that appears to count infected machines, F-Secure said. The Finnish security company doesn't list any particular malicious payload for Pykse other than it spreading and visiting Web sites. The IM worm affects Skype users running Windows.

Such threats for Skype aren't new. Last month, miscreants adapted the Warezov Trojan horse to target Skype users. This threat also arrived with a Web link sent in a Skype chat message. Clicking on the link would result in a PC being at the beck and call of the attacker and the Trojan horse sending messages to the victim's Skype contacts.

In February, attackers also targeted Skype users with another Trojan horse that had propagation capabilities.

Skype has acknowledged in the past that its instant-messaging feature could be used for nefarious purposes just like any other IM service. Kurt Sauer, Skype's chief security officer, repeated that acknowledgment on Monday in a statement sent by the company's public relations agency.

"Harmful viruses and Trojan horses may damage a user's computer and collect private data, regardless of whether a person is using Skype, e-mail or other IM clients," Sauer said in the statement. "Skype strongly recommends that users take extra caution in general when asked to open attachments or links from unknown people, or suspicious-looking attachments even from people you know."

Skype also recommends using antivirus software to check the files received from other people.

Talkback (1)
Print
E-mail
Share
- del.icio.us
- Digg
- Reddit
- Slashdot
- StumbleUpon

Talkback 1 comments

Add your opinion

Bravo! Anonymous -- 17/04/07

A Garland to grace the brow of those who list the affected OS's for this malware!

Latest Videos

Play now

Searching for Flash files
Adobe Systems has announced it's partnering with search giants Google and Yahoo to increase the quality of sea… Watch it now
Planet CNET: Robot wars!
Sports, Gates and Gears -- Club Builder
Gates' tearful good-bye
More videos »

Blogs

I'm a celebrity, don't back me up
Celebrity comes with its perks — free alcohol, better-looking partners, lots of holiday time — and disadvantages — constant media intrusions, being forced to appear in films with Eddie Murphy for the long-term good of your career, and having to do mindless radio interviews with angry men who've been awake since 4am.
Lies, damned lies and telco stupidity
Earlier this month, Telstra put out a press release trumpeting that it's come up with a new phone coaching service to help people who are "bamboozled" by their mobiles. Another excellent example of wrongheaded thinking from the mobile industry.
Dear carriers: More walking, less talking
Sometimes, a well-placed and well-timed letter can make all the difference. Other times, it can make no difference at all — and even hurt your case. This week's missive by the Competitive Carriers' Coalition, I would suggest, falls into the latter category.
More blogs »