Warnings late Monday and very early Tuesday claimed that a worm was propagating across Skype -- one of the most popular voice-over-Internet protocol applications -- and infecting systems with a password-stealing Trojan horse. Tuesday, for example, Symantec issued an alert to customers of its DeepSight threat management service that a worm it dubbed "Chatosky" was spreading in the Asia Pacific region, including South Korea.
"The code isn't a worm," says Dan Hubbard, VP of research at San Diego-based security vendor Websense. "It relies on the end user to acknowledge a binary through the API, which is normal behavior in Skype." In addition, the threat does not make copies of itself.
"It's not exploiting a vulnerability," adds Hubbard.
Skype worm a bit overrated?
Posted on Wednesday, Dec 20 2006 @ 13:23 CET by Thomas De Maesschalck