Websense Security Labs reported on its blog on Monday that there was a potential worm propagating via Skype. On closer inspection the firm has discovered that this is not a self-propagating worm at all and is actually a trojan horse.
"After discussions with the very helpful Skype security team, the behavior of this Trojan using the Skype API is as per the specifications of the API," said Websense.
"The end user who is running Skype does get notified that a program is attempting to access it and must acknowledge it."
Skype users would receive a message via Skype Chat to download and run a file with a filename of sp.exe. If the file is run it appears to drop, and runs a password stealing trojan horse. But the user must choose to run the program.
"There is no vulnerability in Skype at this time that has been uncovered," the company said.
The threat may already be abating anyway. Websense confirmed today that the websites that were used to download the Skype API code and the site that is used to download new copies of the trojan were both down.
_(5).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
Digital NSW 2025 Showcase
_(1).jpg&h=140&w=231&c=1&s=0)
