Skype virus spreads from Korea

No primary category set

The first Skype worm is on the loose according to an Internet security firm – Websense. As with most worms you’re perfectly safe if you follow basic Internet security rules i.e. don’t accept or open unknown attachments! Websense indicates the worm has the following actions:

* users receive messages via Skype Chat to download and run a file
* the filename is called sp.exe
* assuming the file is run it appears to drop and run a password stealing Trojan Horse
* the file also appears to run another set of code that uses Skype to propagate the original file
* the file is packed and has anti-debugging routines (NTKrnl Secure Suite packer)
* the file connects to a remote server for additional code
* the original site has been black holed and is not serving the code anymore
* the number of victims is still TBD
* the original infections appear to be in APAC region (Korea in particular)

Individuals should pay particular attention to their security but fortunately companies installing and using Skype have an advantage. The Business Version of Skype enables network administrators to disable file transfer to remove temptation from employees clicky fingers.

Finally the best advice as ever (once again) is never accept or open files if you don’t know where they came from and what they contain! A great website with advice on staying safe online is Get Safe Online which eBay sponsor

One Response

  1. An update from Skype

    “By late on 19 December, we had obtained a copy of one of the two variants of the worm, and we learned that the attack was:

    * not a worm; and
    * made very minimal use of Skype

    In particular, the program was a Trojan Horse that spreads over the web. Although it uses Skype to propagate itself, it makes legal use of our APIs to simply send a web link (URL) to another user — that is the full extent of the use of Skype.

    As of 20 December, the sites distributing the malware had been taken off the net, thereby effectively stopping further spread of the malware.”



Amazon Pay is set to be available at petrol stations, restaurants and stores


Skype adds ‘Send Money’ powered by PayPal to mobile apps


EU to force Skype to behave more like BT


Windows 10 Anniversary Update breaks web cams


Amazon Web Services outage causes headaches

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars