An instant-messaging worm has started spreading to PCs running Windows by using Skype to chat up potential victims in an attempt to convince them to download and run the malicious software.
The worm, described in a blog post written by eBay's Skype subsidiary, can converse with victims in at least three different languages: Latvian, Russian, and English. Antivirus firms and eBay have already assigned a plethora of names to the digital pest, including Ramex (Skype), Pykspa (Symantec), Skipi (F-Secure), and Pykse (McAfee and others).
Skype stressed that the worm can only infect users that download the program.
"Please note that Skype users ONLY become infected after they have downloaded the link and run the malicious software," stated spokesman Villu Arak in the blog post. "The chat message, of which there are several versions, is cleverly written and may appear to be a legitimate chat message, which may fool some users into clicking on the link."
Instant messaging programs, including America Online Instant Messenger and MSN Messenger, have increasingly become targeted by virus and worm writers and bot masters as a medium for spreading their creations. Symantec, the owner of SecurityFocus, classified the latest worm as the fourth variant of a program that started spreading through Skype in mid-April.
The Ramex worm disables numerous computer processes associated with security software and computer-inspection programs and attempts to block access to a number of software sites.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos