Stration variant spreading through Skype

By on
Stration variant spreading through Skype

Websense has discovered a new set of malicious code being distributed by the Stration worm through the Skype network.

The code sends infected PCs a message asking them to click on a hyperlink, which then redirects them to a malicious file downloader. That file then downloads malware.

The downloads contain versions of  Stration, also known as Warezov, that open backdoors to systems for new malicious code, according to an alert released Thursday by Websense.

The trojan then sends the URL to all Skype contacts and attempts to connect to a Yahoo mail server, which is not operable, to send a SMTP message, according to Websense.

Dan Hubbard, vice president of security research at Websense, told today that enterprises should manage Skype the same way they would any other messaging application.

"It’s just another vector, it’s not really all that different from AOL Instant Messenger or MSN Messenger, it’s just a different platform. We have seen quite a few people on Skype message boards talking about it," he said.

"Skype users are more tech savvy, so when you see quite a few people saying that they’ve got a message and then it started doing weird things to my machine, it’s noteworthy."

Late last month, F-Secure reported two users received links to a file infected with Stration.

At that time, Stration variants used instant messaging platforms to disperse, but not yet Skype, according to company weblog posts by Mikko Hypponen, F-Secure chief research officer.

Hypponen told that the attacks have had limited success – partially because of Skype’s attention to security.

"We saw [attacks] for the first time two or three weeks ago, but they don’t seem to be working too well," he said. "Skype is harder to target than most others. Those guys are taking very security very seriously."
Got a news tip for our journalists? Share it with us anonymously here.

Most Read Articles

Log In

  |  Forgot your password?