12-20-2006, 10:38 AM
Quote:WebSense on Monday identified a Trojan horse that targets Skype IM users in what marks the latest in a series of instant messaging attacks this year.
The security researcher first reported the attack as a self-propagating worm called "sp.exe." After a full day of investigation in cooperation with Skype and its parent company eBay, WebSense issued an update saying it was a Trojan horse...
The Trojan horse uses the Skype application programming interface (API) to do its dirty work. The end-user who is running Skype receives a message suggesting a file download. Clicking on the link initiates download of the Trojan horse...
"We don't believe this new Trojan is very widespread, but this attack can cause damage," Hubbard warned. "The Trojan includes some processes that allow attackers to inject into the explorer process, which usually is used for things like password stealing within forms at eBay and PayPal and other types of sites."...
full article: http://ecommercetimes.com/story/FRLD1jyR...tack.xhtml