Skype Warns Users of P-to-P Worm

Skype users are under attack from a new worm that spreads through the peer-to-peer Internet phone application's chat feature.

The attack begins when a user receives an instant message containing a link from someone in their contact list or an unknown Skype user, said Villu Arak, a Skype spokesman based in Tallinn, Estonia.

There are several versions of the chat messages, which are "cleverly written" to fool users, Arak wrote on the Skype heartbeat blog. The link appears to contain a JPEG photo file, but if clicked causes the Windows run/save dialog box to appear, which asks whether the user wants to save or run a ".scr" file.

The file is malicious software that can then access a user's PC via Skype's API (application programming interface). The malicious file has been named W32/Ramex.A.

"Users whose computers are infected with this virus will send a chat message to other Skype users asking them to click on a web link that can infect" their computers, Arak wrote.

To avoid trouble, users should not download the file. At least two security vendors, F-Secure Corp. and Kaspersky Lab Ltd., have updated their software to detect the worm, Arak wrote.

Instant message programs are another way hackers can try to gain control over PCs. Access to one person's instant messenger or e-mail account can mean contact details for many others, allowing hackers to use malicious e-mails or instant messages to lure victims into downloading malicious software.