How the Skype worms work
As far as this worm is concerned, this is a virtuous cycle:
- Cast out seeds,
- Hope for fertile ground, and
- Reproduce.
This isn't the first Skype worm, but a variant (Symantec profile of W32.Pykspa.D) that works roughly the same way.
We're fortunate this worm's only goal was propagation. Like any infestation it could have darker motives:
- distributed denial of telephony service attacks via SkypeOut, where a coordinated attack by thousands of phone calls to a few phone numbers overwhelms a service, such as a police department or a political opponent
- creating cyberwarfare botnet drones
- PC destruction
- stealing identities, Skype credits, PayPal funds
My takeaways:
- Skype is now prominent enough to warrant the attention of serious black hats.
- Skype's large presence in Tallinn makes it a target in future online attacks on Estonia.
- The Skype APIs offer capabilities not readily available through other platforms.
- Skype's security budget and headcount will continue to rise in response to this threat.
skype skypejournal virus worm W32.Chatosky social engineering hacking blackhat ddos estonia W32.Pykspa.D dos denial of service attack malware botnet bot drone identity theft identitytheft paypal skypeapi api security defense war cyberwar cyberwarfare
