On the worm that affects Skype for Windows users
(updated at 16.30 GMT with Symantec reference)
(update at 17.15 GMT: FSecure now calls the virus W32/Skipi.A. Symantec has named it W32.Pykspa.D.)
(update at 9 am GMT on Sep. 11: Our security team is actively engaging with domain owners to shut down malicious websites that are being used to spread the virus.)
- – - – -
The new week has started with a bang. And not the kind of bang we like.
Here’s what Kurt Sauer, Skype’s Chief Security Officer, has to say:
“Skype has learned that a computer virus called “w32/Ramex.A” is affecting users of Skype for Windows. Users whose computers are infected with this virus will send a chat message to other Skype users asking them to click on a web link that can infect the computer of the person who receives the message.
“Please note that Skype users ONLY become infected after they have downloaded the link and run the malicious software. The chat message, of which there are several versions, is cleverly written and may appear to be a legitimate chat message, which may fool some users into clicking on the link.
“Skype has been in contact with the leading antivirus software companies about this worm, and we know that they are updating their software to effectively stop this worm and as well as its side effects. Currently, F-Secure, Kaspersky Lab and Symantec have already updated their antivirus products to detect and remove the worm.
“We would like to encourage our users to ensure that they are running anti-virus software on their computers and to download the latest anti-virus updates in order to provide the best protection against this and other viruses.”
More information can be found at heartbeat.skype.com. Wishing you a virus-free week.
I’ve reported the worm in my blog in the end of May. Then it had reached Bulgaria and had spread quite fast. There were at least 6 bulgarian versions that used the original worm. We spread the message and now most users here know about this kind of attack.
However the worm I noticed didn’t do any damage or collect information – it just spreads itself. I managed to track it to Lithuania, although the hackers alias seemed Polish.
Here is the report (in bulgarian ) – http://yurukov.net/blog/2007/05/31/malykbezvrdenskypevirus/
Hi
I use a Netgear cordless phone with Skype to make calls. Since Monday night Australian time the phone has packed up and a message “System is starting up” is constantly displayed. Could someone with a similar phone based system let me know how to fix this problem please?
Thank you.
Beware of the latest Skype Phishing Scam. please read the full account in my blog. i think they are terrorists because i traced the scammers’ homepage and it is written in Arabic.
This is the location of my blog:
http://www.thefinestwriter.com/beware_skype_wannabee_scam.htm
“I think they are terrorists because…the scammers’ homepage…is written in Arabic.” mikelgabriel, you’re an idiot. If a white person scams you, he’s a scammer, but if an Arab scams you, he’s a terrorist?