Symantec discovers the first wiretap trojan

Symantec discovers the first wiretap trojan

Tags:   Skype  Symantec  trojan  trojan.peskyspy

By SearchSecurity.com Staff | Sep 2, 2009

Thumbnail: 

Symantec Corp. researchers have discovered a Trojan designed to listen and record conversations via the popular Skype VoIP application, in what could be the first wiretap Trojan discovered in the wild.

Called Trojan.Peskyspy, the malware uses Windows API calls to grab sound coming from various audio devices plugged into a victim's computer, Symantec said. It intercepts audio data and converts the stream into an MP3 file, which is then stored on the victim's machine.

Symantec said Skype was targeted likely because of its large install base. Users of the application have been targeted in the past by malware writers. Attackers attempted to spread a password-stealing Trojan via Skype in 2006. Since then malware authors have attempted to spread malware by sending malicious links via the VoIP application.

Experts have also warned about the application's use of proprietary cryptographic protocols as well as unencrypted communications related to call setup that may make it possible for an eavesdropper to perform traffic analysis.

Symantec is calling the Peskyspy Trojan a proof-of-concept. So far the Trojan does not contain any method to spread from one computer to another, Symantec said. Once the Trojan is installed on a victim's machine, it bypasses security protocols or encryption applied by Skype because it sits between the Skype process and the audio device.

"Essentially, it sits below these security measures, recording the audio at the Windows level -- before outbound audio from the microphone gets to Skype and after incoming audio leaves Skype and reaches the speakers," Symantec wrote in a blog post about the new Skype Trojan.

The Trojan contains a back door, which enables an attacker to send the captured audio to a new location for listening.

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <img /> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <embed> <object> <strike> <caption>
  • Lines and paragraphs break automatically.
  • Use <!--pagebreak--> to create page breaks.

More information about formatting options

 

Comments

Comments

Our louis vuitton replica

Submitted by 27790b7b38acb1d... on 7 January 2010 - 5:15pm.

Our louis vuitton replica handbags and knock off pursesother fake purses will.

I think this louis vuitton bag is nice,I would like to carry it.

Buy cheap replica louis vuitton Handbags and Louis Vuitton Bags from HandbagsAir.

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Staying a step ahead of hackers new
Organizations are relying more and more on Web applications as a primary means of doing business. As the number and complexity of Web applications grow, so does the number of vulnerabilities introduced into your Web environment. Unfortunately, this makes you very attractive to hackers.
Outlook: Emerging security technology trends
As part of an ongoing discussion from IBM, this white paper helps us to gain a perspective on the security challenges organizations will face in the next few years. What fundamental technology trends are expected to impact organizations this and the following years? And how can organizations position themselves to profit from the myriad opportunities while managing the risk that inevitably accompanies them?
 
 
 
Hong Leong Financial opts for Juniper Networks at new Malaysia head office, data center
Hong Leong Financial Group Berhad builds complete and seamless data center and office network infrastructure with Juniper switches, security devices and Junos software.
Budget-conscious NGO cuts costs and improves IT productivity with Symantec
St James' Settlement reduces staff time spent on data protection administration by 80% and on software inventories by almost 100%.
 
 
 

Recent popular content

Most Read
Internet Explorer vulnerabities cause data leakage
Tripwire steps into SIEM territory
Microsoft expands SDL program
What to do with Microsoft SMB2 vulnerability
Following up with networking penetration tests

Site map
Search Security Asia
About Us
Print/Digital Subscription
Sales
Feedback
Security Tips
Expert Opinions
Research
White Papers
Case Studies

Blogs
Topics
Application security
Disaster recovery and business continuity
Identity management and access control
Information security careers, training and certifications
Topics
Network and Internet Security
Security best practices
Security threats
Surveillance and facilities management
Media
Videos
Podcasts
Webcasts
News
RSS