Trojan variant plagues Skype

Skype instant-messaging users are being warned of malicious code spreading through a URL

A new variant of a well-known Trojan horse virus is spreading through Skype's instant-messaging network, a security company has warned.

According to Websense Security Labs, a new set of the Warezov/Stration malicious code is currently making its way through Skype. The worm does not appear to be self-propagating, spreading instead through a URL sent to Skype users. When users activate it, it then passes the URL to all their Skype contacts.

"Skype users receive a message that says 'Check up this', with a URL containing a hyperlink. When users click on the link, they are redirected to a site that is hosting a file named file_01.exe," a statement from Websense read, which also noted that the vulnerability was not within Skype itself.

If file_01.exe is run, other files are downloaded and run, which can open a backdoor to the user's system and download further code. It also seems that the worm makes an abortive attempt to "notify the attacker that a certain machine has been infected", by trying to connect to an inactive Yahoo mail server to send an SMTP message.

The first variant of Warezov/Stration was reported in September last year by Symantec. F-Secure first reported its spread into Skype at the end of February.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All