Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    February 2012
    S M T W T F S
    « Jan    
     1234
    567891011
    12131415161718
    19202122232425
    26272829  
    • About Us
    Malware Blog > Trojan Targets Skype Users

    TrendLabs researchers were alerted of a newly released Proof-of-Concept (PoC) that listens and records voice calls carried out via Skype. Trend Micro detects this as TROJ_SPAYKE.C. Skype is a popular application used for making voice over IP (VoIP) calls.

    Upon execution, the DLL component (also detected as TROJ_SPAYKE.C) intercepts Skype traffic and hooks the send and recv APIs. This is done before Skype encrypts the traffic it sends to other users. This enables the Trojan to save all gathered information as audio files, which could then be sent to a malicious user. Here’s a screenshot of the captured information:


    Figure 1. Sample of intercepted traffic

    This poses no threat as of the moment; it only collects information but does not decrypt the said information and consequently send it to a remote user. However, future attacks that do engage in information theft cannot be ruled out.

    Users are advised not to give away any crucial information when conversing online to prevent info theft. Trend Micro protects users from this attack through the Trend Micro Smart Protection Network.





    Share this article
    		 Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon



    This entry was posted on Sunday, August 30th, 2009 at 11:07 pm and is filed under Malware, Security . Both comments and pings are currently closed.



    17 Responses to “Trojan Targets Skype Users”

    1. anony Says:
      August 31st, 2009 at 1:03 am

      I think you analysed dll injection poc rather than analysing real skype recorder component. funny, you guys just write anything…

    2. Trackback - Cheap Internation Call >> How to make cheap international call Says:
      November 19th, 2009 at 2:59 pm

      ,<>..] blog.trendmicro.com is one great source of tips on this issue,<>..]

    Trackbacks

    1. TrendMicro (TrendMicro)
    2. o0splitpaw0o (o0splitpaw0o)
    3. iia_security (Terry)
    4. _third (third marquez)
    5. epcdoctor (Ernie)
    6. chrispeoples (chris peoples)
    7. KentuckyExtIT (UK Extension IT NEWS)
    8. JITParenting (Marissa Stone)
    9. DeclanmWaters (Declan Waters)
    10. Trojan Targets Skype Users « Friendly Computers Virus Alerts
    11. UnderForge of Lack » Blog Archive » 2009.09.01 火曜日
    12. wrstech (WRS Technology)
    13. petervogel (Peter Vogel)
    14. Daily Digs – 08.31.2009 « Security Stallions Blog
    15. Proof-of-Concept Trojan Targets Skype Users | Kabatology ~ Open Source, Linux


     

    Other Trend Micro blogs
    CTO Insights
    CounterMeasures Blog
    Cloud Security Blog
    Consumerization Blog
    Fearless Web
    Internet Safety for Kids & Families
    Simply Security News
    Trend Micro Blog [German]
    TrendLabs Security Blog [Japan]
    Cloud Security APAC
    Trend Micro Free Tools Threat Encyclopedia Trend Micro Videos
    Do you have a product-related question? Visit our eSupport website.

    © Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice