http://news.techworld.com/security/3200665/skype-spy-trojan-escapes-into-wild/ By John E. Dunn Techworld UK 28 August 09 Only days after Swiss programmer Ruben Unteregger released the source code for a Trojan he wrote three years ago to hack Skype phone calls, the inevitable has happened - someone has released it as a compiled piece of ‘faux' malware. Unteregger posted the code on his website under a GLPv3 license, presumably in the hope that its publication would make it impossible to use against real users, having had second thoughts about the morality of his creation. He wrote the program in 2006 for a private company, ERA IT Solutions, which alledgedly sold it on to an agency of the Swiss government to use in remote surveillance activities. Now Symantec and Trend Micro have reported that a Windows Trojan with remarkably similar characteristics has turned up in their detection systems, Trojan.PeskySpy in Symantec nomenclature, and Troj_Spayke.C to Trend. Neither company states openly that the Trojan detected is related to Unteregger's open source creation, but there are enough clues to forge a strong connection. Symantec describes how the Trojan intercepts API calls to Skype, capturing and storing audio conversations as MP3 files with caller, date, day and time stamps to identify them, and SkypeOut and SkypeIn call designations. The Trojans then attempts to upload the recordings to pre-defined locations after detecting and attempting to bypass named firewall filters. [...] ________________________________________ Subscribe to InfoSec News http://www.infosecnews.orgReceived on Mon Aug 31 2009 - 02:18:58 PDT
This archive was generated by hypermail 2.2.0 : Mon Aug 31 2009 - 02:33:08 PDT