Slashdot Mirror
Skype Trojan Can Log VoIP Conversations
Slatterz writes "Security giant Symantec claims to have found the public release of source code for a Trojan that targets Skype users. Trojan.Peskyspy is spyware which records a voice call and stores it as an MP3 file for later transmission. An infected machine will use the software that handles audio processing within a computer and save the call data as an MP3. The file is then sent over the internet to a predefined server where the attacker can listen to the recorded conversations."
What??? Mac users are gay?
Are these gay? http://www.slashgear.com/wp-content/uploads/2009/01/steve-jobs-3g-iphone1.jpg
Is this gay? http://images.businessweek.com/mz/04/44/0444_20innova.jpg
iDon't think so, troll!
I wonder if they're talking about this trojan http://it.slashdot.org/story/09/08/26/144249/Coder-of-Swiss-Wiretapping-Trojan-Speaks-Out
Good point. If it can't access an mp3 encoder, then it can't record it to an mp3. On the other hand, what stops it from using any available audio encoder installed?
signature is pants
It appears that a guy named Ruben Unteregger published the source code on his site at http://www.megapanzer.com/source-code/#skypetrojan
According to his site, he removed a plugin system from the source as well as code to bypass firewalls, but he'll add it back in at a later date.
From looking at the source, this is heavily geared toward Windows, so the current iteration of the source doesn't affect OS X at this time.
Does this affect the Mac OS X version, or does at least one of the callers have to be on a PC?
It's written for Windows, like usual, and at least one of the callers would have to be infected.
Source: http://www.megapanzer.com/2009/08/25/skype-trojan-sourcecode-available-for-download/
Here I sit, all broken hearted.
Came to poop, but only farted.
Honoured friend,
Forgive me this unusal contact, but the circumstanes of perfection are such.
My name is Ringotha Dingo. I am an administrator at the European/African Internet Facility.
Through my work, and the unfortunate death of my colleage, I have available to me many unused and unencrypted, cross platform Moderator points. I would be most eager to benefit you with them; however, due to a revolution in my country I am unable to access my computer network. This can be arranged by my agent in London. Please contact him directly, and reference the small agreement that you might benefit me with so that I might flee my country with my wife and two children.
I am awaiting your abrupt reply. And will immediately have you sent an bankers draft by email if you will provide me with such.
All my good fortunes to you!
Ringotha Dingo
Adminsistrator African Europeein Internets
Toob Farm, Sweatn Bongos
Gontoofar Way
PCs to most people are the scary blinky box in the corner. PCs to some are any x86 machine (Macs included). The original acronym means Personal Computers, as you stated. By that definition, my cell phone is a PC. While some may argue the point, it seems most likely that when the average /.er says PC, they mean x86, running Windows.
Audio (and everything else) sent by skype is encrypted.
That is why you need to install a Trojan ON the target machine. This Trojan grabs it AFTER it has been decrypted by skype.
Because it is running local it should be detectable.
Because they chose the trojan route, you can be reasonably assured that breaking the encryption is harder and more troublesome than sneaking into your house and installing a trojan or tricking you into installing it for them.
Sig Battery depleted. Reverting to safe mode.
That would be LAME.
If you could track the numbers called (on skypeout), you might be able to identify calls to banks, credit card companies, etc., and listen only to those.
.sig withheld by request
Slashdot... Didnt the person who created this release this open source before the weekend?? Symantec is a little slow on the ball... http://it.slashdot.org/story/09/08/26/144249/Coder-of-Swiss-Wiretapping-Trojan-Speaks-Out
you know you can fry stuff putting things into things that dont like the things you put into it...
As usual, I see no Linux support at all. I've almost made up my mind to format and install Windows again. Damn those rat bastard virus writers! Always forgetting us lusers!
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
You know, I'd rather have a homophobic retard bigot like you think I was gay, rather than having a gay person think I was a homophobic retard bigot.
Like you.
Guaranteed! This comment 100% Anthrax free!
I'm gonna call myself and play all my CDs through Skype. That way the RIAA will unleash their pack of lawyers on the scammer who illegally downloads all those songs as MP3s off my computer.
Nonsense. LAME ain't an mp3 encoder!
I've tried Symantec products. This could not be true.
If they wrote a virus it would have a 500MB install and you'ld have to click the EULA four times. It would take 90% of CPU and 90% of RAM while doing nothing and require 100% of everything for a couple of hours to update before it could do something. The updater would break and you'ld have to reinstall Windows, then the update prep package, and then the virus to get it to activate at all. And when it was finally working, it would break before connecting to its control server.
If you wanted a virus that bad, you might as well install Windows 98. At least the user interface would be similar to Symantec.
Help stamp out iliturcy.