Skype Trojan Can Log VoIP Conversations

← Back to Stories (view on slashdot.org)

Skype Trojan Can Log VoIP Conversations

Posted by timothy on Sunday August 30, 2009 @11:24AM from the sans-malice-would-be-a-useful-thing dept.

Slatterz writes "Security giant Symantec claims to have found the public release of source code for a Trojan that targets Skype users. Trojan.Peskyspy is spyware which records a voice call and stores it as an MP3 file for later transmission. An infected machine will use the software that handles audio processing within a computer and save the call data as an MP3. The file is then sent over the internet to a predefined server where the attacker can listen to the recorded conversations."

9 of 151 comments (clear)

Min score:

Reason:

Sort:

Re:Conspiracy! by Anonymous Coward · 2009-08-30 11:35 · Score: 1, Informative

Have you been living under a rock?
Sounds familiar... by piemonkey · 2009-08-30 11:56 · Score: 5, Informative

I wonder if they're talking about this trojan http://it.slashdot.org/story/09/08/26/144249/Coder-of-Swiss-Wiretapping-Trojan-Speaks-Out
1. Re:Sounds familiar... by Zen+Hash · 2009-08-30 12:28 · Score: 5, Informative
  
  I wonder if they're talking about this trojan http://it.slashdot.org/story/09/08/26/144249/Coder-of-Swiss-Wiretapping-Trojan-Speaks-Out
  
  Yep. Apparently some news site picked it up a week later and wrote their own article without the original details, making it front page news all over again. The only thing new is that Symantec gave it a goofy name.
  
  --
  Here I sit, all broken hearted.
  Came to poop, but only farted.
Source Code Available Here by AgentOJ · 2009-08-30 12:10 · Score: 5, Informative

It appears that a guy named Ruben Unteregger published the source code on his site at http://www.megapanzer.com/source-code/#skypetrojan
According to his site, he removed a plugin system from the source as well as code to bypass firewalls, but he'll add it back in at a later date.
From looking at the source, this is heavily geared toward Windows, so the current iteration of the source doesn't affect OS X at this time.
1. Re:Source Code Available Here by chrb · 2009-08-30 12:37 · Score: 2, Informative
  
  Yes, you may remember the recent Slashdot discussion on this exact topic.
source by Zen+Hash · 2009-08-30 12:12 · Score: 5, Informative

Does this affect the Mac OS X version, or does at least one of the callers have to be on a PC?
It's written for Windows, like usual, and at least one of the callers would have to be infected.
Source: http://www.megapanzer.com/2009/08/25/skype-trojan-sourcecode-available-for-download/

--
Here I sit, all broken hearted.
Came to poop, but only farted.
Re:How can you hide this? by Anonymous Coward · 2009-08-30 12:20 · Score: 1, Informative

Two channels of voice communication can be compressed to about 1kByte/s, less if you omit "silence". No, that is not easily noticeable. You could write uncompressed 8kHz 8bit audio (64kbps*2, 16kByte/s, ISDN quality) and most people wouldn't notice. Most computers are so busy with background processes that regular hard disk activity is expected.
Symantec should read by zcold · 2009-08-30 13:22 · Score: 5, Informative

Slashdot... Didnt the person who created this release this open source before the weekend?? Symantec is a little slow on the ball... http://it.slashdot.org/story/09/08/26/144249/Coder-of-Swiss-Wiretapping-Trojan-Speaks-Out

--
you know you can fry stuff putting things into things that dont like the things you put into it...
Re:How can you hide this? by armie · 2009-08-30 14:05 · Score: 2, Informative

There are a lot of automated banking by phone facilities that rely on the user entering their account numbers and passwords via the keypad. An attacker won't even need sophisticated speech recognition software - all they need is software looking for DTMF tones.