• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Password-Stealing Trojan Targets Skype

malware

New Member
Joined
Nov 7, 2004
Messages
5,422 (1.12/day)
Likes
954
Location
Bulgaria
Processor Intel Core 2 Quad Q6600 G0 VID: 1.2125
Motherboard GIGABYTE GA-P35-DS3P rev.2.0
Cooling Thermalright Ultra-120 eXtreme + Noctua NF-S12 Fan
Memory 4x1 GB PQI DDR2 PC2-6400
Video Card(s) Colorful iGame Radeon HD 4890 1 GB GDDR5
Storage 2x 500 GB Seagate Barracuda 7200.11 32 MB RAID0
Display(s) BenQ G2400W 24-inch WideScreen LCD
Case Cooler Master COSMOS RC-1000 (sold), Cooler Master HAF-932 (delivered)
Audio Device(s) Creative X-Fi XtremeMusic + Logitech Z-5500 Digital THX
Power Supply Chieftec CFT-1000G-DF 1kW
Software Laptop: Lenovo 3000 N200 C2DT2310/3GB/120GB/GF7300/15.4"/Razer
#1
A password-stealing Trojan is targeting Skype, posing as a security plug-in for the popular VOIP and IM service and displaying a fake log-in screen that's almost identical to the real thing. McAfee's Avert Labs is identifying the Trojan as PWS-Pykse, and F-Secure is referring to it as Trojan-Spy.Win32.Skyper.B. Skype is calling it 65404-SkypeDefenderSetup.exe. The Trojan identifies itself as the "Skype-Defender" plug-in and is attempting to steal Skype usernames and passwords, along with all usernames and passwords saved in Internet Explorer. After execution, the Trojan disables running instances of Skype and swaps in its fake Skype login window. If the victim enters his or her username and password, the malware captures it and any others saved in IE and posts it via http to a Web site for the malware author to retrieve. Security researchers, and Skype, are recommending that users update their antivirus detections to avoid infection.

Source: eWeek