SCF Advanced Search

  • Total Posts: 40520
  • Total Topics: 14428
  • Online Today: 599
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: Skype Worm No Cause for Panic (W32.Skyhoo.Worm)  (Read 2857 times)

0 Members and 1 Guest are viewing this topic.


  • SCF VIP Member
  • *****
  • Posts: 88
  • KARMA: 15
  • Gender: Male
    • Newsapp IT support Portal
Skype Worm No Cause for Panic (W32.Skyhoo.Worm)
« on: 19. May 2010., 17:56:01 »

Security research firm Bkis earlier this month warned of a vicious virus targeting both Skype and Yahoo! Messenger. BKIS said in a blog post the attack involved inserting malicious URLs into chat windows with sophisticated social engineering hooks.

Also see Social Engineering: The Basics

Each time, the messages sent have different contents, noted Bkis researchers. Examples include "Does my new hair style look good? bad? perfect?" "My printer is about to be thrown through a window if this pic wont come our right. You see anything wrong with it?" The message contains a link to a web page that appears to lead to a JPEG or image file.

"The users are more easily tricked into clicking the link by these messages, because users tend to think that "their friend(s)" are asking for advice," Bkis said in its posting. "If a user clicks the link, his browser will immediately load to a website with Rapidshare-like interface, and a .zip file will be available for download."

The W32.Skyhoo.Worm, as it was named by Bkis, automatically exits if the victim's computer is not installed with Skype or Yahoo! Messenger and automatically sends messages with different contents containing malicious URLs to user names in the Skype/Yahoo! Messenger friend list of the user. Michael Gough, owner of the web site, and author of 'Skype Me! From Single User to Small Enterprise and Beyond ,' spoke to CSO earlier this year about Skype's benefits and challenges in the business environment (See Skype security: Is the popular VOIP service safe for business?).

Gough said while this virus is targeting Skype, it's really social engineering and awareness that need to be considered.

"If I can get you to install anything I own the system and the applications, it does not matter which app," said Gough. "The fact this is taking advantage of Skype is secondary or almost moot. Skype has APIs and functionality that allows this to be used. If Skype wants to change the code to prevent this from happening they may break or disable functionality they actually wanted to provide."

In other words, according to Gough, don't knock Skype for this attack. Instead focus on awareness among users if you are using Skype in the workplace and give them a warning about social engineering rather than worrying about the application's security.

"This is actually just another social engineering attack," Gough told CSO. "The user has to be fooled into downloading and installing a piece of malware. So really it is not attacking Skype, it is trying, in many cases successfully to fool a user to provide access and then use an application, in this case Skype to proliferate more social engineering."

Copyright © 2010 CSO.

Samker's Computer Forum -

Skype Worm No Cause for Panic (W32.Skyhoo.Worm)
« on: 19. May 2010., 17:56:01 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising