Skype Worm Infects Windows PCs

← Back to Stories (view on slashdot.org)

Skype Worm Infects Windows PCs

Posted by kdawson on Tuesday September 11, 2007 @07:42AM from the footsteps-of-msn-and-yahoo dept.

walterbays writes with news of a worm spreading to Windows PCs through Skype's IM. The worm is variously called Ramex.a and Pykspa.d. A poster on a Skype forum explains how to remove it. "After hijacking contacts from an infected machine's Skype software, it sends messages to those people that include a live link. Recipients who blithely click on the URL — which poses as a JPG image but is actually a download to a file with the .scr extension — wind up infected."

10 of 127 comments (clear)

Min score:

Reason:

Sort:

Worm? by Hatta · 2007-09-11 07:44 · Score: 4, Insightful

Recipients who blithely click on the URL -- which poses as a JPG image but is actually a download to a file with the .scr extension -- wind up infected.

I'm sure I won't be the first to point out that such an attack vector is not a worm.

--
Give me Classic Slashdot or give me death!
Skype itself is blameless by ZwJGR · 2007-09-11 07:52 · Score: 5, Insightful

Skype itself is (mostly) blameless, how can they be expected to protect users from this sort of attack (perhaps by pointing out to users that the link/download they're clicking on is a screensaver exe..., but Windows ought to tell you that anyway...)
Naming it a worm is a minor overstatement as well.
It propagates by user incompetence, not by a technical flaw...

These sort of malware executables circulate on email lists (and I daresay, other IM networks) already, so it's no surprise that Skype has "joined the club" of being big enough to attract unwanted attention...

--
There is no psychiatrist in the world like a puppy licking your face - Ben Williams
1. Re:Skype itself is blameless by jimicus · 2007-09-11 08:03 · Score: 4, Insightful
  
  It propagates by user incompetence, not by a technical flaw...
  
  If the last 8-10 years have taught the IT industry nothing else, we should at least be well aware by now that basing your security on "user never does anything stupid" is a pretty effective way to ensure that the user's system will be emailing everyone and his dog adverts for Geniun Vigara!!!111 (sic) by the end of the day.
2. Re:Skype itself is blameless by gowen · 2007-09-11 08:12 · Score: 5, Insightful
  
  Skype itself is (mostly) blameless
  You what? Their program runs executable content from a URL without a warning or asking for confirmation. That's insanely bad design.
  
  --
  Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
3. Re:Skype itself is blameless by haeger · 2007-09-11 09:06 · Score: 2, Insightful
  
  Yet we happily run around screaming "Linux has no viruses", effectivly teaching our users to not be careful. And almost anything configuration-like we want to do requires a root-like password, effectivly teaching everyone to be careless with that too.
  
  We've got to start looking out or we will have our shiney metal asses bitten.
  
  .haeger
  
  --
  You are not entitled to your opinion. You are entitled to your informed opinion. -- Harlan Ellison
Re:Software diversity is a good thing. by abigor · 2007-09-11 08:07 · Score: 3, Insightful

You have no idea what you're talking about.
Re:Software diversity is a good thing. by Opportunist · 2007-09-11 08:08 · Score: 4, Insightful

And how? By not implementing a messenging system the moron user can click and infect himself?

Where's Skype to blame if someone gets a link sent and clicks it without even trying to see what's behind it?

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Re:Microsoft's fault? by recoiledsnake · 2007-09-11 08:54 · Score: 4, Insightful

I fail to see how that behavior makes a difference here. The user clicks on a link that ends in .JPG, and the browser asks him to run or save an SCR file. No hiding the extension is involved here. If the user runs it, BAM. If he saves it, THEN he or someone else would not be able to see the extension and would run it(Though I think XP SP2 pops up a warning about it being a file from the internet zone, not sure if the full filename shows up in the warning though).
Hiding the extension is a very most annoying thing though, it's the first setting that I change on a new install of Windows.

--
This space for rent.
Re:Microsoft's fault? by everphilski · 2007-09-11 09:18 · Score: 2, Insightful

With the default behavior of hiding the extension, XP leaves non-technically proficient users vulnerable to this.

I fail to see how a 'non-techinically proficient user' would notice the appropriate extension...
Re:Assume by cbiltcliffe · 2007-09-11 12:28 · Score: 2, Insightful

Do we really need the title to say "Windows PCs"? I thought that was implied any time malware was concerned.
Yes, we do. Because for a start, every time we don't, Linux/BSD/Mac/FreeDOS/Solaris-x86 fans complain that it's not "PCs" that are vulnerable, it's Windows. Which is true. Also, since the article says Windows PCs, the /. summary is just quoting that. It's also a good thing that the article states this, because the less technical crowd who might read it may notice that it's only Windows PCs that are affected, and start wondering what there is besides Windows PCs, or maybe look into purchasing something alternative that's not affected by so many worms/viruses/spyware.

--
"City hall" in German is "Rathaus" Kinda explains a few things......