A new instant-messaging pest that spreads using the chat feature in Skype has surfaced, security firm F-Secure warned Monday.
The worm, dubbed Pykse.A, is similar to threats that affect instant-messaging applications. A targeted Skype user will receive a chat message with text and a Web link that looks like it goes to a JPEG file on a Web site, F-Secure said on its Web site.
Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype user's list and will show a picture of a scantily clad woman, F-Secure said. In addition, it sets the user's Skype status message to "Do Not Disturb," the security firm said.
Pykse also visits a number of Web sites that don't host any malicious code and a site that appears to count infected machines, F-Secure said. The Finnish security company doesn't list any particular malicious payload for Pykse other than it spreading and visiting Web sites. The IM worm affects Skype users running Windows.
In February, attackers also targeted Skype users with another Trojan horse that had propagation capabilities.
Skype has acknowledged in the past that its instant-messaging feature could be used for nefarious purposes just like any other IM service. Kurt Sauer, Skype's chief security officer, repeated that acknowledgment on Monday in a statement sent by the company's public relations agency.
"Harmful viruses and Trojan horses may damage a user's computer and collect private data, regardless of whether a person is using Skype, e-mail or other IM clients," Sauer said in the statement. "Skype strongly recommends that users take extra caution in general when asked to open attachments or links from unknown people, or suspicious-looking attachments even from people you know."
Skype also recommends using antivirus software to check the files received from other people.
There is no mention of which operating systems are susceptible to this malware, and this is a serious disservice to your readers. Take our case: After 15 years, we are spending a good deal of money switching our business entirely to Intel Mac's, primarily for security reasons, though usability is also improved. We run a small number of PC-only programs (flawlessly) in virtual machines on our Macs at the same time as running OS X. The PC side of the Mac does not have email and is limited to only a few IP addresses on the net. We do not currently use any antivirus protection for the PC or the Mac sides.
Incidentally, we do sophisticated software, firmware and hardware for robotics education and research. (No battle bots or hobby work products) and we have been dealing with the horrors or Microsoft internals for many years. Their operating systems are houses of cards, and they continue to be so because Microsoft's monopoly position (threatened by the Clinton administration but then predictably left virtually untouched by Bush) allows them to get away with it.
Your news organization should not be part of this silence.
It may be that reporters or news outlets are somehow being intimidated by Microsoft's legal clout so that no mention is made that these are windows problems. (At least I expect they are. Certainly, if these were OS X or Linux problems they would be generating a different kind of story altogether.) But whether the omission is from fear or laxity or some other source, it is a glaring omission all the same.
I think you have to decide whether you are reporters or shills.
Sauer's advice about only trusting content from your friends doesn't hold water, because as the article states the worm sends the bad link to all the victim's contacts. You would think by now these guys would have a clue. This is the same crappy advice that Microsloth keeps dishing out. The advice should be, "Don't trust strangers and don't trust your friends. Better yet, don't use our crappy insecure product."
"Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype user's list..."
Each of these so-called security companies has a vested interest in reporting the next new Worm, Trojan or malicious exploit. A press release features their efforts and everyone is urged to update their security software. At the root of all this hype are basic security practices: Don't answer anything from a stranger, don't click on random chat links and don't buy into F-secure's hype.
Web giant is spending $120 million to beef up its Mountain View, Calif., headquarters, according to filings with the city reviewed by the San Jose Mercury News.
The Samsung Galaxy Mini 2 S6500 could make its debut at the Mobile World Congress in Barcelona later this month, according to a leaked promotional image.
MIT creates a simulation to celebrate the 50th anniversary of Spacewar. A relic of the early days of minicomputers, it was one of the first computer video games and set the stage for many others, including Asteroids.
Skype.
<a class="jive-link-external" href="http://www.f-secure.com/v-descs/im-worm_w32_pykse_a.shtml" target="_newWindow">http://www.f-secure.com/v-descs/im-worm_w32_pykse_a.shtml</a>
to this malware, and this is a serious disservice to your readers.
Take our case: After 15 years, we are spending a good deal of
money switching our business entirely to Intel Mac's, primarily
for security reasons, though usability is also improved. We run a
small number of PC-only programs (flawlessly) in virtual
machines on our Macs at the same time as running OS X. The PC
side of the Mac does not have email and is limited to only a few
IP addresses on the net. We do not currently use any antivirus
protection for the PC or the Mac sides.
Incidentally, we do sophisticated software, firmware and
hardware for robotics education and research. (No battle bots or
hobby work products) and we have been dealing with the
horrors or Microsoft internals for many years. Their operating
systems are houses of cards, and they continue to be so because
Microsoft's monopoly position (threatened by the Clinton
administration but then predictably left virtually untouched by
Bush) allows them to get away with it.
Your news organization should not be part of this silence.
It may be that reporters or news outlets are somehow being
intimidated by Microsoft's legal clout so that no mention is made
that these are windows problems. (At least I expect they are.
Certainly, if these were OS X or Linux problems they would be
generating a different kind of story altogether.) But whether the
omission is from fear or laxity or some other source, it is a
glaring omission all the same.
I think you have to decide whether you are reporters or shills.
"Clicking the link will redirect the user to a malicious file. The file, after executing, will send a malicious link to all online contacts in a Skype user's list..."
Windows" are affected. (This is what their "Platform: W32"
designation means.)