September 03, 2009, 7:01 AM — Security researchers have found a new type of Trojan malware that listens to and records VoIP calls made via Skype.
The malicious code, called TROJ_SPAYKE.C, is able to intercept Skype traffic after a call is initiated but before it is encrypted, according to a post on Trend Micro’s malware blog. The fact that Skype encrypts traffic, and therefore is viewed as safer than traditional phone calls, is one reason why so many people use it.
This malware could change that.
The Trojan saves recorded conversations as audio files, which then are sent to a third party to steal any personal or financial information that may have been discussed on the call.
Trend Micro says the malware is in the proof-of-concept phase, since currently it collects information but doesn’t decrypt it. The Trojan is freely available and can be downloaded from a Web site.
Trend Micro says it can detect the new Trojan with its cloud-based Smart Protection Network, but still warns Skype users not to detail sensitive information during VoIP conversations.
Do you tweet? Follow me on Twitter here.
