Trojan.Peskyspy sneaks Skype calls

Symantec's team has discovered the appearance of a Trojan worm targeting users of Skyke's VoIP (voice over IP) service .

This Trojan is capable of recording Skype calls into MP3 format and sending this conversation file to an attacker. In essence, this is a kind of eavesdropping and breaking the security of a Skype phone call.

Symantec experts identified the Trojan worm as Trojan.Peskyspy and can be downloaded to a computer using phishing email messages or other ways to trick users. When the machine is deeply infected, the worm can use an application to control the computer's audio processing, and record the call conversation in the form of an MP3 file. This MP3 audio track is then sent over the Internet to a predefined server to listen to the entire recorded conversation. Call recording in MP3 format will make the audio file size quite small, thus transferring less data over the network, helping to increase transmission speed and avoid abnormal detection checks.

This Trojan aims to hook Windows APIs (application programming interfaces), whereby audio applications often use this Microsoft technique (hook is a technique used to change behavior). identification of an application). The Trojan takes control of the system, and through the hooking technique, it can eavesdrop on the conversation before it reaches Skype software or to any other audio application.

Symantec said that at the present time, the risk posed by this threat is not high and there has been no widespread spread. However, because the source code is already available on the network, malicious malware writers can integrate this feature into their own threats. Computer users need to apply the best security measures strictly, install and update security programs regularly, do not click on any link (link) in any unknown email Come on.