Skype’s Chat Worm

Skype is certainly taking some punishment recently. Today the news broke that someone has let loose a worm that uses the Skype API to send a chat message to your Skype contacts. The chat message includes a link which (if the user clicks on it) will download the w32/Ramex.A virus, which in turn infects their PC, and will visit their Skype friends. Obviously, this is a big concern for anyone with a user base as large as Skype’s, since even a small percentage of users that click on the link can cause wide distribution.

More: Skype Blog

7 thoughts on “Skype’s Chat Worm

  1. Scm

    Hi Martyn,

    In the future, how many worms/virsus and voip attacks do you think will be happening in the future ? Do you think it will cause a down fall in voip ?

    Thanks

  2. Shawn Merdinger

    With all the attention on the recent Skype attacks, outages (er, upgrades and finger-pointing) I suggest it’s worthwhile looking at these events from the emergency perspective, such as how Skype was used in post-Katrina operations.

    See:
    http://www.nps.navy.mil/DisasterRelief/docs/NPS-Katrina_AAR_LL.pdf

    HASTILY FORMED NETWORKS FOR COMPLEX HUMANITARIAN DISASTERS AFTER ACTION REPORT AND LESSONS LEARNED FROM THE NAVAL POSTGRADUATE SCHOOL’S RESPONSE TO HURRICANE KATRINA 1 – 30 September 2005

    Authors
    Brian Steckler (NPS Faculty)
    Bryan L. Bradford, Maj, USAF (NPS Student)
    Steve Urrea, Capt, USMC (NPS Student)

    —————————————————–

    To see what I’m talking about here, download the PDF and search for “Skype” in the document.

    A few examples:

    “Skype had been well received and continued to be provided to local users…”

    “Laptop and backup laptop loaded with all the standard applications (…, Skype,…)”

    “Headset for Skype personal digital assistant (PDA)”

    “802.11/802.16/SATCOM/VoIP/Skype/Groove integration”

    And plenty more….

    Kind regards,
    –scm
    Shawn Merdinger

  3. Scm

    Hi Shawn,

    Thanks for your reply. Shawn, I know that voip has to some extent gone mainstream but do you believe this service in 5-10-15 years down the road will be larger than it is today ?

    Thanks

  4. Jim Courtney

    In fact, it is not a VoIP worm, it is an IM worm. Anyone who owns one of the security suites such as Norton Internet Security got an upgrade for this worm. Check out the links at my post at http://skypejournal.com/blog/2007/09/virus_warning_be_wary.html. Symantec and other security software publishers have been dealing with these types of IM worms for quite a while. In fact, the good news is that it took so long for one of them to show up in the Skype IM; they apparently have been showing up on MSN and AIM for some time.

    And the security firms work closely with the IM firms to arrest their spread.

  5. Shawn Merdinger

    In response to:

    “Thanks for your reply. Shawn, I know that voip has to some extent gone mainstream but do you believe this service in 5-10-15 years down the road will be larger than it is today?”

    Dude, no question VoIP will grow — haven’t you seen the “analyst” reports and estimates from the likes of Gartner, In-Stat, etc., etc., ad nauseam…you can always use “The Google” on this one too.

    VoIP will grow because it’s all about (saving) the Benjamins…and we’ll likely see more consolidation as well as degradation in quality, service uptime, etc. — think along the lines of Wal-Mart quality for voice communications, but without the lead paint.

    Also, if you don’t mind stating who you are I’d appreciate it since we have the same initials and I wish to avoid confusion.

    Thanks,
    –scm
    Shawn Merdinger

  6. Martyn Davies Post author

    >> …. how many worms/virsus and voip attacks …..
    Yes, of course there will be more, as we now have to suffer with email spam and worms/viruses on our computers. Some will be “script kiddy” attacks mounted by people that just want to be a nuisance and crash computers and services. Some will be attempts to steal or extort money in one way or another; this is inevitable, since wherever there is money, you will find criminals trying to get their hands on it.

    But will it be the downfall of VoIP? No, VoIP is just a technology that can be implemented well or badly like any technology. VoIP will grow, because this is the way that telcos are moving: yesterday’s digital phone backbones are being changed over to VoIP because it allows multiple networks to be consolidated into one data backbone. For example British Telecom have a project called 21CN which will convert all the UK phones to VoIP by 2011. The users will still have the same phone handsets in their houses, but the actual calls will be VoIP over the backbone, saving BT around $2 billion a year in running costs.

Comments are closed.