Worm Winds Its Way Into Skype for Windows
Sep 10, 2007 2:58 PM PT
In a high-profile reminder of the security pitfalls that still exist with PC-based communications, eBay's Skype is warning users of a fast-spreading worm affecting users of Skype for Windows.
The worm spreads through the peer-to-peer phone service's instant chat application and is activated when a user clicks on a link in an instant message they receive, Skype said.
Those messages may appear to be from someone on a Skype user's contact list or from an unknown party. The messages contain an attachment that appears to be a JPEG photo but in reality is executable code.
The worm, which has been dubbed "W32/Ramex.A," then uses code within Skype's application programming interface to access files on the PC.
In a post to the Skype blog, Chief Security Officer Kurt Sauer emphasized that only users who download the link and run the malicious code have their PCs infected. The chat message, he added, is "cleverly written and may appear to be a legitimate chat message, which may fool some users into clicking on the link."
Skype is working with major PC security vendors to ensure protections are in place against the worm, it said, adding that several major firms had updated their virus engines to be able to stop the worm within hours of it being confirmed.
"We would like to encourage our users to ensure that they are running antivirus software on their computers and to download the latest antivirus updates in order to provide the best protection against this and other viruses," Sauer said.
The worm attempts to replicate itself and send out more instant messages to the contact lists on the infected machine and may be able to stop users from visiting some Web sites or using some programs. Still, most security watchers were describing the worm as a modest threat.
Still, it comes at a difficult time for Skype, which just last month endured a nearly two-day outage, the longest widespread outage in its four-year history.
Skype confirmed the worm after users began posting about problems with their PCs to various online security forums. The security issue comes just days after Skype marked the fourth anniversary of its public beta launch late last month.
At the time of the firm's four-year anniversary on Aug. 29, cofounder and CEO Niklas Zennstrom said the service had amassed 220 million registered users worldwide and said the two-day outage "is becoming an increasingly distant memory."
Indeed, some Skype users have been quick to come to the service's defense in the wake of that problem. Still, the outage and the security issues underscore that VoIP (Voice over Internet Protocol) services remain less secure and reliable than traditional phone lines, said telecom analyst Jeff Kagan.
"VoIP is not a phone service," Kagan told TechNewsWorld. "Cable television companies and other companies like Skype make us feel comfortable with this, but it is not phone service. It is an Internet service carrying voice. It is a new technology that will be with us for a while and continue to get better, but when the service has trouble we cannot make a call."
With many users originally employing Skype as a service to use alongside their land lines, occasional outages were not as much of a problem. Now that many have given up their phone services to enjoy the cost savings of VoIP, however, reliability becomes more of an issue, he added. "If this line is your only line then you take a chance," he said, noting that the legal and financial issues facing Vonage and the sudden shutdown of SunRocket are further reminders that IP calling remains an emerging technology and business.
The Skype outage was seen as something of a surprise because the distributed peer-to-peer network relies not on a single centralized server but on millions of individual PCs, with software used to link them together.
That same configuration may be a security weak link, however, since users themselves are responsible for their own security to a large extent.
Skype was quick to acknowledge the worm's presence and to move to correct the situation. Similarly, it was upfront with users about the outage, regularly posting updates to the Skype Blog about progress toward correcting it, JupiterResearch analyst Ian Fogg told TechNewsWorld.
"On the positive side, they clearly made an effort to get the word out, which can help with public relations, but then again the outage did last longer than they first said it would," Fogg added.
Skype has been growing rapidly since it was founded in 2002 by Zennstrom and Janus Friis. It gained instant legitimacy in 2005 when eBay bought it for US$2.5 billion.