A Trojan suspected be spreading through Skype chat
NEW YORK: Computer security experts have alerted about the possibility of a worm spreading through the VoIP service offered by Skype. Security services provider Websense Inc. said it has identified the password-stealing virus spreading through the chat software of Skype and infecting user computers.
Typically, users receive a message asking them to download a file called "sp.exe" and when a user does so, the virus downloads the Skype programming code and new versions of itself from the internet and tries to steal passwords, Websense's security alert said.
Websense said the Trojan does not exploit any security flaw in Skype as the VoIP program properly enforces security while one tries to gain access to it.
The security firm also said the infections were mostly reported in the Asia-Pacific region, particularly in South Korea.
There are security experts who say the Trojan is not particularly targeting Skype. They say there is no massive outbreak with Skype at the moment.
Another security services provider, Symantec Corp. has flagged this worm, naming it W32.Chatosky.
According to a Websense blog, the worm uses the NTKrnl Secure Suite packer, an encryption program that makes the files appear unique to detection engines. This makes flagging and catching the worm difficult. The maker of the encryption code, www.ntkrnl.com, which has packaged the worm, is not serving it anymore, Websense added.