Trojan.Peskyspy Attacking Skype Users

Posted on August 29, 2009. Filed under: News, Others, Super Fast Updates, Web | Tags: , , , , , |

   

       Symantec issued an advisory that they have discovered the availability of source code for a Trojan that targets Skype users. The Trojan, once installed on a system, has the ability to record conversations in progress, and transmit the recording to a third party.

    The Trojan is being called Trojan.Peskyspy, and can be delivered in any number of ways, including email links and social engineering attacks, where a user is tricked into downloading and installing an application.

      The Trojan is targeting Windows API hooks, a technique used to alter the planned behavior of an application, which Microsoft has intended to be used by audio applications. The Trojan compromises the machine and then through the hooking technique is able to eavesdrop on a conversation before it even reaches Skype, or any other audio application. Once a machine has been compromised, the Skype Trojan can use an application that handles audio processing within a computer and save the call data as an MP3 file. This MP3 is then sent over the Internet to a predefined server where the attacker can then listen to the recorded conversations. The MP3 is stored locally and encrypted before it is sent off.

      “Recording the call as an MP3 keeps the size of the audio files low and means there is less data to be transferred over the network, helping to speed up the transfer and avoid detection,” Symantec said in their alert.

       Presently, Symantec is calling the risk posed by this threat quite low, as they have not seen any evidence of compiled versions of the Trojan moving around online.

     However, because the source code is publicly available, Malware authors can incorporate this type of functionality into their own malicious code. As a precaution, since there is no hard mitigation for the Trojan’s abilities aside from uninstalling Skype, Symantec says users should follow security best practices, install and keep up-to-date security software, and not click on links in suspicious e-mails.

To read more about it visit here and here

Advertisements

One Response to “Trojan.Peskyspy Attacking Skype Users”

RSS Feed for AKS-Feel The Change! Comments RSS Feed

[…] AKS-Feel The Change Trojan.Peskyspy Attacking Skype Users […]


Comments are closed.

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: