Skype wiretap Trojan revealed
Symantec has detected a new Trojan which targets Skype users in order to monitor and record conversations made using the Internet telephony service. Apparently the source code for this particular Trojan, called Pesky Spy, is already being touted around the usual places where the bad guys can pick up such things. It would appear to work by using the Windows API hooks that are intended for audio applications, such as Skype. The audio processes are monitored, calls recorded as relatively small MP3 files, and transferred quickly to anywhere on the Internet before the victim even knows their calls are being tapped. In fact, before the conversation even hits Skype. Symantec explains that “Because the Trojan listens in the data traveling between the Skype process and the audio device, it gathers the audio independently of any application-specific protocols or encryption applied by Skype when it passes voice data at the network level. Essentially, it sits below these security measures, recording the audio at the Windows level—before outbound audio from the microphone gets to Skype and after incoming audio leaves Skype and reaches the speakers.”
Skype is said to be aware of the Trojan, and is advising that users ensure their anti-virus and firewalls are up to date and operating properly.
Added by Chris Martin:
The fix for the 'Peskyspy' security issue...
In Sept 2009, the makers of 'Skype' closed the security risk with a new release of Skype 4.1 .
This update supposedly closes the security hole. All you need to do is make sure you have Skype ver 4.1 or newer.
Here's how you can check your version:
Open Skype - click the 'Help' link at the top of the window
When you click 'help' this window appears...
If the 'Version' shows 4.1 or higher - you're good to go.
If the version is lower than 4.1 - download the latest version of Skype at www.skype.com
