Today's Security Fix
by Cara Garretson
Security

New malware listens to Skype calls

1 comment | 3I like it!
Tags: malware, Skype
More »
Recent Posts
September 3, 2009, 06:01 AM — 

 Security researchers have found a new type of Trojan malware that listens to and records VoIP calls made via Skype.

The malicious code, called TROJ_SPAYKE.C, is able to intercept Skype traffic after a call is initiated but before it is encrypted, according to a post on Trend Micro’s malware blog. The fact that Skype encrypts traffic, and therefore is viewed as safer than traditional phone calls, is one reason why so many people use it.

This malware could change that.

The Trojan saves recorded conversations as audio files, which then are sent to a third party to steal any personal or financial information that may have been discussed on the call.

Trend Micro says the malware is in the proof-of-concept phase, since currently it collects information but doesn’t decrypt it. The Trojan is freely available and can be downloaded from a Web site.

Trend Micro says it can detect the new Trojan with its cloud-based Smart Protection Network, but still warns Skype users not to detail sensitive information during VoIP conversations.

Do you tweet? Follow me on Twitter here.

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

I like it!
Comments
1 comment Add a comment

Discussing things on the phone is never safe

People who use skype, do yourselves all a favor and forget about that program, because it's no safer then normal phone calls. In fact it's very easy to intercept.
by Damien (not verified) on 9/3/09 at 1:56 pm | reply
View all comments »
peer-to-peer

Brian Proffitt
Microsoft/Novell: Breaking Down the Coupon Numbers

Esther Schindler
Drupal's Dries Buytaert on Building the Next Drupal

Tom Henderson
Top Ten General Operating Systems Rants

pasmith
PS3 motion controller delayed; goes up against Project Natal

sjvn
Neolithic Windows security hole alive and well in Windows 7

claird
Perl source code comparison makes for good reading

mikelgan
Cell phones don't create stress or interrupt much

Sandra Henry-Stocker
How to: The Unix Interview

 

Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann

Join the conversation here

The Daily Tip

The Daily TipQuick, practical advice for IT pros. Made fresh daily.

Hot tips:

Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.

Newsletters

Subscribe to ITWORLD TODAY and receive the latest IT news and analysis.

I would like to receive offers via email from ITworld partners.
By clicking submit you agree to the terms and conditions outlined in ITworld's privacy policy.
view all newsletters »
Marketplace