While Skype is pushing forward for an enterprise version of its VoIP service, a new worm detected by F-Secure and Sophos affects Skype’s P2P VoIP application.
We may call it IM-Worm W32/Pykse or Mal/Pykse-A. When Pykse infects a computer, it changes Skype user’s status to DND (do not disturb), as shown in the above image. Then, the worm sends emails containing malware links to the online friends in the Skype contact list.
When a Skype user clicks the link, an image of a scantily clad model is displayed after infecting the PC with a downloader Trojan which then installs the worm. The malware authors have created the image deliberately to pretend the aim of the download.
Graham Cluley, senior technology consultant at Sophos elaborates,
Once it’s up and running, the Pykse worm attempts to connect to a number of remote websites, presumably in an attempt to generate advertising revenue for them by increasing their number of ‘hits’.
Worms spreading through Skype is not new. In most of the cases, the Skype worms were proved not so harmful. Let’s hope the Pykse worm will not create any series problem.
