Skype and stilettos are a dangerous combination

happygeek 0 239 Views

My friends over at security specialists Sophos have warned me to be on the lookout for Sandra and her stiletto shoes when using Skype. Usually it would be my mother offering this advice, but then she would not understand the implications of getting infected by the Pykse-A worm that exploits the Skype IM chat system to infect your PC.

Of course, as always, it relies on a certain amount of user stupidity. In this case that would be just why Sandra would want to send you a picture of herself wearing nothing but high heels. Still, enough people will link click at the slightest provocation, and that invitation probably counts as more than slight. If you do click on the link in the Skype message then you will, indeed, be presented with Stiletto Sandra. By this point you will have also been infected with the downloader Trojan and, as a consequence, the worm payload will have been installed.

On the good news front, if you can call it that, this is hardly the first worm to target Skype users. Better yet, none of the previous ones have been widespread in comparison with other malware outbreaks. Not that it is a reason to ignore the Sophos warning, as Sandra and her shoes could be the Skype worm breakthrough that the malware writing scum have been waiting for. Last year Sophos conducted a poll of system administrators and found that 86.1% of those who expressed an opinion wanted the power to control use of VoIP in their companies; with 62.8% saying blocking was essential. The fact that Skype also contains an instant messaging component also raises concerns for system administrators, as it is potentially an avenue for data leakage as well as malware infestation. More and more companies are setting a policy as to what instant messaging client is to be used in the business, and whether it can be used for communicating with the outside world.

"Once it's up and running, the Pykse worm attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue for them by increasing their number of hits" Graham Cluley, senior technology consultant for Sophos told me. "It's another example of the methods that malware authors can use to make money.”

Member Avatar for Dortz
Dortz 38 Posting Whiz in Training

I remember this exact type of delivery system that was tooled for AIM. It gave the University IT department hell for a while. The only thing that finally killed it was a flyer program designed to educate users to not click on links given over AIM.

Delivery systems like this one prey on the only guaranteed insecure aspect of a system: the user.

Member Avatar for happygeek
happygeek 2,411 Most Valuable Poster

If there is one thing that I am 100% sure of in the security business, it is that you will never prevent users from clicking on links. Unless, of course, they learn by experience. Security education is getting to be like data backup these days, nobody believes you until they lose their data without a backup the first and only time.

Member Avatar for 'Stein
'Stein 150 Lapsed Skeptic

I'd just like to mention I am one of those such people. My computer crashed due to malware, and then, after getting it back running again (courtesy of DMR), I joined a malware community/training organization. Best decision I've made in a while.

Member Avatar for happygeek
happygeek 2,411 Most Valuable Poster

Cool. Nice to see someone acknowledge the importance of admitting to, and learning from, mistakes in IT!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Edit Preview