9.01.2009

Source Code for Skype Spying Trojan in The Wild

http://blogs.zdnet.com/security/?p=4133&tag=nl.e589
http://happygiraffe.net/blog/files/Skype_Chat_Preferences.png
Swiss programmer Ruben Unteregger who has been reportedly working for a Swiss company ERA IT Solutions responsible for coding government sponsored spyware, has released the source code of a trojan horse that injects code into the Skype process in order to convert the incoming and outgoing voice data into an encrypted MP3 available at the disposal of the attacker.
Here’s how the trojan, currently detected as Trojan.Peskyspy, works:
"When the Trojan is executed, it injects a thread into the Skype process and hooks a number of API calls, allowing it to intercept all PCM audio data going between the Skype process and underlying audio devices. Note: Since the Trojan listens to the data coming to and from the audio devices, it gathers the audio independently of any application-specific protocols or encryption applied by Skype when it passes voice data at the network level."
Read more...
Reblog this post [with Zemanta]

No comments: