No communications software is immune from worm attacks, is the message that hackers are sending to the world with the discovery of a new worm that uses the popular Skype voice over internet protocol (VoIP) telephony software to propogate itself.

Popular VoIP software, Skype, has worms

Security analysts are rushing to assess the threat level of the new worm. 

According to Websense Security Labs how the worm works is that Skype users receive a message asking them to download and run a file called sp.exe

If sp.exe is run it executes a trojan horse that steels the user’s pasword, as well as other personal information. The file also runs code that uses Skype to propogate itself.

The file also connects to a remote server, which is no longer online. Most victims appear to be based in the Asia/Pacific region, mostly Korea.

The Internet Storm Centre is also looking into reports about the Skype worm and has issued the following statement:

“We are hearing some details of a new worm spreading via Skype IM, it appears to be using a custom (or at least unusual) packer and the network traffic appears encrypted as well.”

This new worm attack shows just how careful you need to be when opening any file you’ve downloaded on your computer, whatever method you’ve used to download the file. Today’s hackers are just so devious, that you really need to expect the unexpected.

At the time of writing Skype had not yet issued a statement.

Related:

Entry was posted on Tuesday, December 19th, 2006 at 8:23 am under Internet, Technology.

Read more entries by John Pospisil.
Stumble It!