Trojan variant plagues Skype

Skype instant-messaging users are being warned of malicious code spreading through a URL

A new variant of a well-known Trojan horse virus is spreading through Skype's instant-messaging network, a security company has warned.

According to Websense Security Labs, a new set of the Warezov/Stration malicious code is currently making its way through Skype. The worm does not appear to be self-propagating, spreading instead through a URL sent to Skype users. When users activate it, it then passes the URL to all their Skype contacts.

"Skype users receive a message that says 'Check up this', with a URL containing a hyperlink. When users click on the link, they are redirected to a site that is hosting a file named file_01.exe," a statement from Websense read, which also noted that the vulnerability was not within Skype itself.

If file_01.exe is run, other files are downloaded and run, which can open a backdoor to the user's system and download further code. It also seems that the worm makes an abortive attempt to "notify the attacker that a certain machine has been infected", by trying to connect to an inactive Yahoo mail server to send an SMTP message.

The first variant of Warezov/Stration was reported in September last year by Symantec. F-Secure first reported its spread into Skype at the end of February.