[ insider_reports_insider ]
Skype Hears A New Worm
David Utter
Staff Writer
2007-04-17
 Insider Reports RSS Feed
Another exploit affecting Skype users has been circulating through that network, using Skype's API to send messages with malicious links.
 | | Skype Vulnerability Surfaces |  |
Recipients on an infected Skype user's contact list will receive a random message from a list of links. Following the link in the message results in malware cloaked under a picture of a partially dressed woman being downloaded to the system.
F-Secure said the worm serves to promote a group of websites, all serving the same content: information about Africa. Before sending the message to the contact list, the worm sets the sender's status to Do Not Disturb.
Other than displaying one of the Africa information websites, it isn't clear what else the worm does or can do, besides being an annoyance.
Microsoft DNS Exploit Running Wild: Both Symantec and McAfee have observed exploits of a remote procedure call vulnerability affecting Microsoft's Domain Name Service. A worm attacking the vulnerability is attempting to create a botnet.
McAfee said the worm is an Internet Relay Chat-controlled backdoor, which enables the usual threats to a system: spam relaying, DDoS staging, and others.
Symantec's Shunichi Imano said the worm "opens a back door that connects to the x.rofflewaffles.us domain and awaits for commands from the attacker." The company advises administrators to block TCP port 1025 at the firewall.
---
Tags: Skype, Worm, Microsoft, DNS, Exploit
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
