| Potential Skype Worm Spreading |
 |
 |
 |
| Written by Editor |
| Tuesday, 19 December 2006 14:53 |
|
There are a number of reports of one maybe two variants of a Skype worm circulating. Very little is known about the worm but there are some details circulating, however Symantec are calling it W32.Chatosky. At the moment this seems to be a limited outbreak, whatever it is spreading via chat messages sent to Skype users asking them to download and run the linked executable and it also seems that it is not using a vulnerability in Skype.The downloaded executable when run seems to connect to a remote server to download code to execute, then to drop a password stealing trojan, and then tries to propagate itself using the Skype network. There also seems to be two possible variants that download code from two different sources, however at this time it is not known if it is just different download locations for the same worm or two real distinct variants. Currently Websense have some information about the worm here, and F-Secure have some in their blog here. Symantec have published a full description of W32.Chatosky here. Add this page to your favorite Social Bookmarking websites          |
| Last Updated ( Tuesday, 19 December 2006 14:55 ) |