Please support our Tech Talk advertiser:
Featured Entry 
Apr 17th, 2007, 5:49 am
•
•
•
•
My friends over at security specialists Sophos have warned me to be on the lookout for Sandra and her stiletto shoes when using Skype. Usually it would be my mother offering this advice, but then she would not understand the implications of getting infected by the Pykse-A worm that exploits the Skype IM chat system to infect your PC.
Of course, as always, it relies on a certain amount of user stupidity. In this case that would be just why Sandra would want to send you a picture of herself wearing nothing but high heels. Still, enough people will link click at the slightest provocation, and that invitation probably counts as more than slight. If you do click on the link in the Skype message then you will, indeed, be presented with Stiletto Sandra. By this point you will have also been infected with the downloader Trojan and, as a consequence, the worm payload will have been installed.
On the good news front, if you can call it that, this is hardly the first worm to target Skype users. Better yet, none of the previous ones have been widespread in comparison with other malware outbreaks. Not that it is a reason to ignore the Sophos warning, as Sandra and her shoes could be the Skype worm breakthrough that the malware writing scum have been waiting for. Last year Sophos conducted a poll of system administrators and found that 86.1% of those who expressed an opinion wanted the power to control use of VoIP in their companies; with 62.8% saying blocking was essential. The fact that Skype also contains an instant messaging component also raises concerns for system administrators, as it is potentially an avenue for data leakage as well as malware infestation. More and more companies are setting a policy as to what instant messaging client is to be used in the business, and whether it can be used for communicating with the outside world.
"Once it's up and running, the Pykse worm attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue for them by increasing their number of hits" Graham Cluley, senior technology consultant for Sophos told me. "It's another example of the methods that malware authors can use to make money.”
Of course, as always, it relies on a certain amount of user stupidity. In this case that would be just why Sandra would want to send you a picture of herself wearing nothing but high heels. Still, enough people will link click at the slightest provocation, and that invitation probably counts as more than slight. If you do click on the link in the Skype message then you will, indeed, be presented with Stiletto Sandra. By this point you will have also been infected with the downloader Trojan and, as a consequence, the worm payload will have been installed.
On the good news front, if you can call it that, this is hardly the first worm to target Skype users. Better yet, none of the previous ones have been widespread in comparison with other malware outbreaks. Not that it is a reason to ignore the Sophos warning, as Sandra and her shoes could be the Skype worm breakthrough that the malware writing scum have been waiting for. Last year Sophos conducted a poll of system administrators and found that 86.1% of those who expressed an opinion wanted the power to control use of VoIP in their companies; with 62.8% saying blocking was essential. The fact that Skype also contains an instant messaging component also raises concerns for system administrators, as it is potentially an avenue for data leakage as well as malware infestation. More and more companies are setting a policy as to what instant messaging client is to be used in the business, and whether it can be used for communicating with the outside world.
"Once it's up and running, the Pykse worm attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue for them by increasing their number of hits" Graham Cluley, senior technology consultant for Sophos told me. "It's another example of the methods that malware authors can use to make money.”
- Davey Winder, staff writer aka happygeek
•
•
•
•
advertising apple botnet browser business crime data development email environment europe facebook firefox forensic gaming google hacking hardware help ibm internet iphone ipod law legal linux malware microsoft mobile mozilla news phishing privacy research search security social networking software spam storage survey technology trojan video virus vista web windows yahoo youtube
All Recent Tags Comments (Newest First)
happygeek | He's The Daddy | Apr 18th, 2007
'Stein | Lapsed Skeptic | Apr 17th, 2007
•
•
•
•
I'd just like to mention I am one of those such people. My computer crashed due to malware, and then, after getting it back running again (courtesy of DMR), I joined a malware community/training organization. Best decision I've made in a while.
happygeek | He's The Daddy | Apr 17th, 2007
Dortz | Posting Whiz in Training | Apr 17th, 2007
•
•
•
•
I remember this exact type of delivery system that was tooled for AIM. It gave the University IT department hell for a while. The only thing that finally killed it was a flyer program designed to educate users to not click on links given over AIM.
Delivery systems like this one prey on the only guaranteed insecure aspect of a system: the user.
Delivery systems like this one prey on the only guaranteed insecure aspect of a system: the user.
Post Comment
•
•
•
•
DaniWeb Marketplace (Sponsored Links)
Related Blog Entries
- Spam swings from Viagra to Versace (1 Day Ago)
- Chinese quake should not threaten Intel chip supply (2 Days Ago)
- The botnet stripped naked and exposed (3 Days Ago)
- Fedora 9: All That and a Bag O' Chips (3 Days Ago)
- F1 racing drivers at risk from hard drive blackmail plot (4 Days Ago)
- What Does the Future Hold for the OS? (5 Days Ago)
- Jasper is just a stepping stone to Valhalla for Microsoft Xbox 360 gamers (5 Days Ago)
- Is Google an open relay spammer? (5 Days Ago)
- Computing and disabilities (9 Days Ago)
- Chinese Army of Hackers attack Belgium (9 Days Ago)
Related Forum Threads
- Skype - need headset? (Mac Software)
- m.s.n messenger and skype (Windows Software)
- What anti-spy/antivirus/security combination? (Viruses, Spyware and other Nasties)
- skype (Mac Software)
- Crackers for Christmas (or, How Did My Brand New Computer Get Infected Already?) (Viruses, Spyware and other Nasties)
- Hijack this log anything look dangerous? (Viruses, Spyware and other Nasties)
- Function[Array] in combination with cin>> (C++)
- Dangerous Bug in HijackThis 1.97.7 Restoral Procedure (Viruses, Spyware and other Nasties)
