The world’s favourite voice over IP, text, voice and video chat system, Skype is one of those rare things, an app that has found a place in the hearts and minds of computer and smartphone users regardless of what operating system and manufacturer they have allegiance to. Of course, as any scam-aware users (and indeed, scammers) know, where there is widespread use of a piece of software, there is an opportunity to rip someone off, usually with malware.
Yes, dear reader, it is my sad duty to inform you that there are a selection of risks out there in the wild, threats to your identity and bank balance that can find their way to getting hold of your personal details via Skype.
Skype Security Issues You Should Know About
If you haven’t used Skype already, don’t let this article scare you. If you’re aware of the threats then you can protect yourself.
You may be surprised to learn that many of these Skype security issues have arisen since Microsoft purchased the service. This acquisition heralded the move away from peer-to-peer networking on Skype; where before the processing and data management for the service was performed by the users’ computers (even when they weren’t chatting) it is now performed by central servers owned by Microsoft.
P2P can be particularly dangerous to personal data if suitable blocking software is not employed, and given the lengths Microsoft have gone to in order to purchase and integrate Skype with their operating systems, it is slightly surprising that there are at least four threats out there that can be described as notable.
Dorkbot Hits Skype
Skype hasn’t been overlooked by scammers and spammers in the past, but one of the most serious pieces of malware to affect the chat platform was found in Autumn 2012 as the “Dorkbot” worm was found to have migrated from Twitter and Facebook.
Enticing users to click on links in messages, Dorkbot asks questions such as “lol is this your new profile pic?”, prompting Skype users to inadvertently install the worm on their computers.
Dorkbot is particularly nasty. The infected machine is connected to a botnet, whereupon users are locked out of their computers, and their data is (possibly) encrypted, where it will remain inaccessible until a demand of $200 is paid – within 24 hours.
Trend Micro noted the ransomware worm’s quick spread across the web, while Microsoft advised Skype users not to click on unexpected links. Upgrading to the latest release of Skype will avoid infection by this version of Dorkbot.
A Fake App for Android & Symbian
Android users were warned about a fake Skype app in July 2012, named Trojan:Java/SMSFakeSky.A by Microsoft.
A poor fake – the app only runs on older Android devices that allow Java MIDlets to be run (it can also run on Symbian devices) – the malware is advertised on fake websites (using Russian .ru top level domains, with the malware hosted on .ne domains) and installs itself onto device before sending expensive SMS messages to earn money for the developers.
As a result of this, Microsoft urged users to rely only on approved app stores in order to acquire genuine copies of Skype, and to scan downloaded software on a desktop computer with antimalware utilities before copying to your mobile device.
Cross Platform Skype Malware
Whether you’re a Windows or a Mac user, a new Trojan was discovered in July 2012 affecting OS X 10.6 Snow Leopard and OS X 10.7 Lion machines. Known as OSX/Crisis, the malware uses Java (and probably other means) to gain access to a computer and then spy on the user by monitoring Firefox, Microsoft Messenger, Safari… and Skype.
The malware operator can record Skype audio traffic and intercept any files that are sent over the network, and there is the ability in the code to access text entry and webcams, as well as detect your location, device information and address book. With a keylogger also included, this is a piece of malware that you should be acting to remove as soon as it is detected.
“If this malware managed to infect your Mac computer it could learn an awful lot about you, and potentially steal information which could read your private messages and conversations, and open your email and other online accounts.”
If you think you have been infected by any of these malware examples, you need to act quickly. Anti-malware tools for Windows and Mac OS X can be found quickly online, but if you have trouble downloading them (a common trick among malware coders is to block downloading from particular sites) you may need to use a second computer.
All of these Skype security issues and threats can be removed from your computer, but keep in mind that unusual behaviour in Skype or any other application can often be an indication that all is not right with your computer.
As such, regular anti-malware scans are strongly recommended.