xpgeek
23-03-2007, 08:10 PM
Miscreants have again adapted the Warezov Trojan horse to target Skype users, Websense Security Labs warned on Thursday.
The attack is similar to threats that target instant-messaging applications. A targeted Skype user will receive a chat message with the text "Check up this" and a link to a malicious executable called "file_01.exe" on a Web site, Websense said in an alert. If the user runs the file, several other files are downloaded and run, it said.
Once infected, a computer will be at the beck and call of the attacker and the Trojan horse will start sending messages to the victim's Skype contacts to propagate, Websense said. The attack is similar to one reported in February, but has been adapted with files hosted at different locations and a new version of the malicious code, it said.
Skype has acknowledged in the past that its instant-messaging feature could be used for nefarious purposes just like any other IM service. The company has said that it is looking at partnerships with security firms to offer a capability for the Skype client that filters out malicious links.
Warezov, also known as Stration, has been around since at least September. Several variants of the malicious code have appeared. Miscreants have spread it via spam e-mail as well as Skype.
Source (http://news.com.com/2100-7349_3-6169973.html)
The attack is similar to threats that target instant-messaging applications. A targeted Skype user will receive a chat message with the text "Check up this" and a link to a malicious executable called "file_01.exe" on a Web site, Websense said in an alert. If the user runs the file, several other files are downloaded and run, it said.
Once infected, a computer will be at the beck and call of the attacker and the Trojan horse will start sending messages to the victim's Skype contacts to propagate, Websense said. The attack is similar to one reported in February, but has been adapted with files hosted at different locations and a new version of the malicious code, it said.
Skype has acknowledged in the past that its instant-messaging feature could be used for nefarious purposes just like any other IM service. The company has said that it is looking at partnerships with security firms to offer a capability for the Skype client that filters out malicious links.
Warezov, also known as Stration, has been around since at least September. Several variants of the malicious code have appeared. Miscreants have spread it via spam e-mail as well as Skype.
Source (http://news.com.com/2100-7349_3-6169973.html)