My friends over at security specialists Sophos have warned me to be on the lookout for Sandra and her stiletto shoes when using Skype. Usually it would be my mother offering this advice, but then she would not understand the implications of getting infected by the Pykse-A worm that exploits the Skype IM chat system to infect your PC.
Of course, as always, it relies on a certain amount of user stupidity. In this case that would be just why Sandra would want to send you a picture of herself wearing nothing but high heels. Still, enough people will link click at the slightest provocation, and that invitation probably counts as more than slight. If you do click on the link in the Skype message then you will, indeed, be presented with Stiletto Sandra. By this point you will have also been infected with the downloader Trojan and, as a consequence, the worm payload will have been installed.
On the good news front, if you can call it that, this is hardly the first worm to target Skype users. Better yet, none of the previous ones have been widespread in comparison with other malware outbreaks. Not that it is a reason to ignore the Sophos warning, as Sandra and her shoes could be the Skype worm breakthrough that the malware writing scum have been waiting for. Last year Sophos conducted a poll of system administrators and found that 86.1% of those who expressed an opinion wanted the power to control use of VoIP in their companies; with 62.8% saying blocking was essential. The fact that Skype also contains an instant messaging component also raises concerns for system administrators, as it is potentially an avenue for data leakage as well as malware infestation. More and more companies are setting a policy as to what instant messaging client is to be used in the business, and whether it can be used for communicating with the outside world.
"Once it's up and running, the Pykse worm attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue for them by increasing their number of hits" Graham Cluley, senior technology consultant for Sophos told me. "It's another example of the methods that malware authors can use to make money.”
Related Article: Security Threat Predictions 2007
is a Networking news story by happygeek that has 1 reply, was last updated 6 years ago and has been tagged with the keywords: development, exploits, internet, news, security.
- News Story: Ten reasons why Harry Potter has not been hacked - 3 replies
- News Story: IT Staff less trustworthy than cleaners, temps and… - 3 replies
- News Story: Trojan droppers are kicking worm butt - 3 replies
- News Story: Twice as much Gmail spam - 2 replies
- News Story: Battley batters BBC as iPlayer gets hacked. Again - 1 reply
- News Story: Do you want spies with that? McDonald’s gives customers… - 3 replies
- News Story: World’s Worst Spammers Named and Shamed - 6 replies
- News Story: Oh Lord, Microsoft agrees with open source community - 5 replies
- News Story: Heart Attack Valentine Virus - 1 reply
I remember this exact type of delivery system that was tooled for AIM. It gave the University IT department hell for a while. The only thing that finally killed it was a flyer program designed to educate users to not click on links given over AIM.
Delivery systems like this one prey on the only guaranteed insecure aspect of a system: the user.
Dortz
Posting Whiz in Training
225 posts since Sep 2005
Reputation Points: 48
Solved Threads: 8
Skill Endorsements: 0
If there is one thing that I am 100% sure of in the security business, it is that you will never prevent users from clicking on links. Unless, of course, they learn by experience. Security education is getting to be like data backup these days, nobody believes you until they lose their data without a backup the first and only time.
happygeek
veganarchist
Administrator
28,360 posts since Mar 2006
Reputation Points: 1,603
Solved Threads: 90
Skill Endorsements: 71
I'd just like to mention I am one of those such people. My computer crashed due to malware, and then, after getting it back running again (courtesy of DMR), I joined a malware community/training organization. Best decision I've made in a while.
'Stein
Lapsed Skeptic
Team Colleague
1,941 posts since Jan 2006
Reputation Points: 222
Solved Threads: 106
Skill Endorsements: 14
Cool. Nice to see someone acknowledge the importance of admitting to, and learning from, mistakes in IT!
happygeek
veganarchist
Administrator
28,360 posts since Mar 2006
Reputation Points: 1,603
Solved Threads: 90
Skill Endorsements: 71
You
© 2013 DaniWeb® LLC
Page rendered in 0.0728 seconds
using 2.76MB
RSS Feed