Originally posted on March 22, 2007 @ 2:36 pm
Skype users are being hit with a Trojan that uses the infected machine to reach out and infect the user’s friends and colleagues.
Websense issued an alert earlier this afternoon warning that the malicious code, known as both Warezov and Stration, is spreading through the Skype network again.
An earlier version initially attacked late in February.
Dan Hubbard, a vice president of security research at Websense, said:
While the Trojan isn’t widely spread at this point, it is making its way across the network.
While the code itself is not self-propagating, when it runs, a URL is sent to everyone in the user’s contact list.
If their Skype program is running, a message will pop up, luring the user to click on a link, infecting them and continuing the malicious cycle.
The Trojan also opens a back door in the user’s computer, enabling a hacker to get into the machine and steal the user’s information or use the computer to send out spam or even a denial-of-service attack.
The Websense advisory noted that Skype users receive a message that says “Check up this,” with a URL containing a hyperlink.
When users click on the link, they are redirected to a site hosting a file named file_01.exe.
Users are prompted to run the file. If the user runs the file, several other files are downloaded and run.
This is not an exploit taking advantage of a vulnerability in Skype, the Websense advisory noted.
The moral of the story… clicking on unsolicited messages in Skype or any Instant Messaging program is just not a good idea.