Who's listening to your Skype calls?

Pat Pilcher
Tuesday 08 September 2009 05:22 EDT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

If having your bank account hovered clean or irreplaceable data trashed by viruses and malware is keeping you awake at night, expect even more insomnia thanks to the security boffins at Symantec.

The security specialists are talking up a new piece of cyber nastiness in the form of a Trojan called Trojan.Peskyspy (also known as Skytap) which can record VoIP calls made using the Skype internet telephony application on PCs using Windows 2000, 95, ME, NZ, XP, Vista and Windows server 2003.

According to Symantec's Karthik Selvaraj, although Trojan.Peskyspy doesn't exploit any specific Skype weaknesses, Skype was most probably targeted simply because it is easily obtainable and widely used.

Trojan.Peskyspy intercepts audio streams, turning them into MP3 files which can then be sent back to a remote eavesdropper.

Symantec is calling the Peskyspy Trojan a proof-of-concept Trojan as its current incarnation is unable to spread from computer to computer.

This said, the code for Trojan.peskyspy is publicly available and is likely to mutate over time.

Once installed on a victim's PC, Trojan.peskyspy bypasses security protocols or encryption applied by Skype by intercepting audio between the Skype application and the PCs audio hardware.

The code underpinning Trojan.peskyspy was originally published by a Swiss researcher.

Although Symantec does not see the code being used to launch widespread attacks, its very existence could have privacy implications for discussing sensitive information over a VoIP connection and could see illegitimate phone tapping becoming more commonplace.

According to Symantec, the best way of avoiding infection with Trojan.peskyspy is to use frequently updated security software and regularly apply operating system, browser and other online application updates.

Source: NZ Herald

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in