Security experts have urged companies to ensure that VoIP and instant messaging applications are not allowed to act as backdoors into corporate networks after the discovery of a new worm that spreads via Skype's IM chat system.
Pykse-A poses as a link to a photograph of a young model called 'Sandra'. Clicking on the link displays an image of a scantily clad model wearing stilettos, but only after infecting the PC with a downloader Trojan which then installs the worm.
"Once up and running, Pykse-A attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue by increasing the number of hits," said Graham Cluley, senior technology consultant at Sophos.
"It is another example of the methods that malware authors can use to make money.
"With an ever increasing wave of malicious attacks, companies need to ensure that they have secure defences in place, and that they are enforcing policies about what programs users can run and which websites they can visit."
Cluley added that a number of worms have spread via Skype instant messaging in the past, none of which have been particularly widespread compared to other major malware outbreaks.
Last year Sophos conducted a poll of system administrators and found that 86.1 per cent of those who expressed an opinion wanted the power to control the use of VoIP. Some 62.8 per cent said that blocking VoIP was essential.
Stiletto model malware spreads via Skype
By Robert Jaques on Apr 18, 2007 2:48PM