My friends over at security specialists Sophos have warned me to be on the lookout for Sandra and her stiletto shoes when using Skype. Usually it would be my mother offering this advice, but then she would not understand the implications of getting infected by the Pykse-A worm that exploits the Skype IM chat system to infect your PC.
Of course, as always, it relies on a certain amount of user stupidity. In this case that would be just why Sandra would want to send you a picture of herself wearing nothing but high heels. Still, enough people will link click at the slightest provocation, and that invitation probably counts as more than slight. If you do click on the link in the Skype message then you will, indeed, be presented with Stiletto Sandra. By this point you will have also been infected with the downloader Trojan and, as a consequence, the worm payload will have been installed.
On the good news front, if you can call it that, this is hardly the first worm to target Skype users. Better yet, none of the previous ones have been widespread in comparison with other malware outbreaks. Not that it is a reason to ignore the Sophos warning, as Sandra and her shoes could be the Skype worm breakthrough that the malware writing scum have been waiting for. Last year Sophos conducted a poll of system administrators and found that 86.1% of those who expressed an opinion wanted the power to control use of VoIP in their companies; with 62.8% saying blocking was essential. The fact that Skype also contains an instant messaging component also raises concerns for system administrators, as it is potentially an avenue for data leakage as well as malware infestation. More and more companies are setting a policy as to what instant messaging client is to be used in the business, and whether it can be used for communicating with the outside world.
"Once it's up and running, the Pykse worm attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue for them by increasing their number of hits" Graham Cluley, senior technology consultant for Sophos told me. "It's another example of the methods that malware authors can use to make money.”