New malware targets Skype users
A new variant of the IRCbot Trojan horse is taking aim at users of Skype Technologies S.A.’s VoIP software, according to New York-based e-mail security firm MessageLabs Ltd. As of Monday, the firm said it had blocked more than 150 copies of the Trojan, also known as Fanbot. The malware is being distributed by e-mail disguised as the newest release of the popular Skype software client — version 1.4, which was released Oct. 10.
“When executed, the attached malware program displays a fake ‘installation error’ box while, in fact, it is installing itself as %sysdir%remote.exe, altering the registry and shutting down shared access and Windows update services,” MessageLabs said. “It then tries to connect to either an IRC server named ‘jojogirl.3322.org’ or ’smallphantom.meibu.com,’ but fails.” According to Skype’s Web site, its Internet voice-calling software has been downloaded more than 184 million times.