A new Trojan is recording Skype phone calls on Windows PCs, security research firm Symantec (NASDAQ: SYMC) reported today.
"What we're looking at is something that could be considered the first 'wiretap Trojan,'" Symantec's Intel Security Team.
Symantec's analysis found that the Trojan, which it dubbed "Trojan.Peskyspy," can record audio on a computer such as Skype calls, store the file locally as an encrypted mp3 and then relay it back to the hacker.
Trojan.Peskyspy is designed to beat Skype's encryption, Symantec found. "Since the Trojan listens to the data coming to and from the audio devices, it gathers the audio independently of any application-specific protocols or encryption applied by Skype when it passes voice data at the network level," the company said.
The virus can attack the Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003 and Windows 2000 operating systems.
The Trojan does not exploit a Windows flaw, a Microsoft spokesperson told InternetNews.com. "Trojan.Peskyspy does not exploit any security vulnerability, but rather relies on user interaction in which the user would need to install/execute an application."
To avoid Trojans, "users should exercise caution with e-mail and attachments received from unknown sources, or received unexpectedly from known sources. Equally important, users should avoid visiting un-trusted websites as they could possibly be malicious in nature prompting one to download and run a dangerous executable,"
Bookmarks