Forgot your password?

Close
typodupeerror
Privacy Communications Security

Skype Trojan Can Log VoIP Conversations 151

Posted by timothy
from the sans-malice-would-be-a-useful-thing dept.
Slatterz writes "Security giant Symantec claims to have found the public release of source code for a Trojan that targets Skype users. Trojan.Peskyspy is spyware which records a voice call and stores it as an MP3 file for later transmission. An infected machine will use the software that handles audio processing within a computer and save the call data as an MP3. The file is then sent over the internet to a predefined server where the attacker can listen to the recorded conversations."
This discussion has been archived. No new comments can be posted.

Skype Trojan Can Log VoIP Conversations More

Skype Trojan Can Log VoIP Conversations

Comments Filter:

  • Re:Platforms... (Score:1, Insightful)

    by Anonymous Coward on Sunday August 30 2009, @07:44PM (#29255609)

    Does this affect the Mac OS X version, or does at least one of the callers have to be on a PC?

    Doesn't Mac OS X runs on PCs?

  • Re:Platforms... (Score:1, Insightful)

    by Anonymous Coward on Sunday August 30 2009, @07:52PM (#29255645)

    I'm sure that Mac OS X programs can record audio too. Guys, you're running Skype, a program which is closed source, uses anti-reverse-engineering techniques and pretty much behaves like typical malware in many ways. If privacy is a big concern to you, you're doing it wrong.

  • Re:I'm safe (Score:5, Insightful)

    by master5o1 (1068594) on Sunday August 30 2009, @07:57PM (#29255671) Homepage
    Good point. If it can't access an mp3 encoder, then it can't record it to an mp3. On the other hand, what stops it from using any available audio encoder installed?

  • How can you hide this? (Score:4, Insightful)

    by bistromath007 (1253428) on Sunday August 30 2009, @08:01PM (#29255689)
    Wouldn't this quickly take enough disk space to be easily noticeable?

  • Doesn't seem terribly practical (Score:3, Insightful)

    by digitalme2 (965595) on Sunday August 30 2009, @08:03PM (#29255701)
    Seems more like something that would be used by investigators, employers, jealous partners, and their like. As TFA says, "The downside for the malware creators is that they would need a lot of time on their hands to go through hours of Skype audio files to find anything of monetary interest." The idea is so obvious that this is likely why we haven't seen this before.

  • Re:How can you hide this? (Score:4, Insightful)

    by Darkk (1296127) on Sunday August 30 2009, @08:22PM (#29255835)

    Nope. You'd hardly notice it sitting on your 1.5TB hard drive since low bitrate of voice MP3s are usually pretty small. Betcha the trojan would store the files in the ole temp folder of IE along with other junk files.

    Pretty slick idea of a trojan but boring to listen to millions conversations that have little value. Only thing I can think of the trojan author would use some kind of speech recognition software to look for phrases like "passwords" or "credit card info"

    Sadly that I rarely download software anymore due to concerns of backdoors or trojans as it's a money game now.

  • Re:Platforms... (Score:4, Insightful)

    by mckinleyn (1288586) on Sunday August 30 2009, @08:32PM (#29255897)
    PCs to most people are the scary blinky box in the corner. PCs to some are any x86 machine (Macs included). The original acronym means Personal Computers, as you stated. By that definition, my cell phone is a PC. While some may argue the point, it seems most likely that when the average /.er says PC, they mean x86, running Windows.

  • Re:I'm safe (Score:4, Insightful)

    by chrb (1083577) on Sunday August 30 2009, @08:38PM (#29255933)

    What stops the trojan from statically linking an mp3 encoder? Or just downloading a dynamic library if there are size constraints?

  • Re:Surprised this actually works (Score:5, Insightful)

    by icebike (68054) on Sunday August 30 2009, @08:51PM (#29256005)

    Audio (and everything else) sent by skype is encrypted.

    That is why you need to install a Trojan ON the target machine. This Trojan grabs it AFTER it has been decrypted by skype.

    Because it is running local it should be detectable.

    Because they chose the trojan route, you can be reasonably assured that breaking the encryption is harder and more troublesome than sneaking into your house and installing a trojan or tricking you into installing it for them.

  • Re:Platforms... (Score:5, Insightful)

    by Chris Tucker (302549) on Sunday August 30 2009, @11:13PM (#29256741) Homepage

    You know, I'd rather have a homophobic retard bigot like you think I was gay, rather than having a gay person think I was a homophobic retard bigot.

    Like you.

  • The general idea that monitoring systems have been in place for a long time (and continue to evolve) is nothing new. The specifics of what's actually deployed now and how it operates is not, however, public knowledge. That's what people go to jail over, as they rightfully should, not the basic premise that (shock of shocks) telcos can monitor what go across their networks.

    But I'm sure that's what you really meant, right?

If you're not very clever you should be conciliatory. -- Benjamin Disraeli