Trojan horse dupes Skype users, steals usernames, passwords

More malware on the loose, says VoIP vendor

Skype again warned users of its software that malicious code targeting the voice-over-IP (VoIP) and instant messaging service was on the prowl, the second such alert in the past five weeks.

A Trojan horse posing as a Skype add-on is stealing log-on credentials, the company's online spokesman, Villu Arak, said yesterday in a blog posting. Calling itself Skype Defender, the malware installs if users download and run the executable SkypeDefenderSetup.exe, then launches to display a mock Skype interface complete with username and password fields. Entering valid information, however, only results in the bogus application claiming, "Your Skype name and password were not recognized. Please check and try again."

By that time, the log-on information, usernames and passwords remembered by Internet Explorer have been snatched and sent to the attacker.

The alert came five weeks after Skype acknowledged that the Ramex.a worm was hijacking computers running the VoIP software.

Most security vendors had updated their detection signatures to account for the new threat. "The PWS-Pykse Trojan does not spread by itself," said Pradeep Govindaraju, a McAfee researcher, on the company's security blog today. "It relies on social engineering techniques to trick the victim into executing it and is usually posted onto dodgy sites or forums."

Links to sites hosting the Trojan horse have been passed to some Skype users via instant messaging, other security researchers reported.

"An alert Skype user would notice that it looks very different from the normal log-in window," added Govindaraju, "especially since none of the hyperlinks or options displayed are functional."

In other security news involving Skype, Websense warned of a scam that arrives as a spammed instant message and claims that the recipient's PC is infected with multiple pieces of malware. Coming from a user dubbed "Scan Alert," the message prompts the user to click on a link to download a patch; naturally, the "patch" is no such thing.

Instead, the Web site displays a dialog asserting that the PC is infected and offers to remove the malicious code if the user pays US$19.95 for something called "Windows Software Patch -- Scan & Repair."

The scam is a triple threat, said Websense in a warning posted to its Web site. "This serves as [an] example of spam propagating on Skype, with malware authors utilizing social engineering to pass their malware off as legitimate software and attempting to collect money directly at the same time."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Gregg Keizer

Gregg Keizer

Computerworld
Show Comments

Essentials

Mobile

Exec

Sony WH-1000XM4 Wireless Noise Cancelling Headphones

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?