Computer security experts at Symantec have observed a Trojan targeting users of Skype that can record phone calls and send the conversations back to the attacker. Yikes.
How private are your calls over Skype’s free VoIP service?
Symantec has just issued a warning about a nasty Trojan that can record calls made by Skype users, and then send this call file (as an MP3) to a predefined server where the attacker could listen to the recorded conversation.
Symantec identified this threat as Trojan.Peskyspy (pesky spy indeed!), that can be downloaded to a computer accidentally via email or social networking site.
The Trojan is targeting Windows API hooks, a technique used to alter the planned behavior of an application, that Microsoft has intended to be used by audio applications, says Symantec. The Trojan compromises the machine and then is able to eavesdrop on a conversation before it even reaches Skype, or any other audio application.
Symantec says your chances of downloading this threat is quite low, but with this Trojan.Peskyspy “source code” now publicly available, malware writers can incorporate this type of functionality into their own customized Trojans.
The only way to ward off this threat is to use antivirus software and be sure to update software definitions regularly. And of course, never click on links in suspicious emails.