Skype virus spreads from Korea

The first Skype worm is on the loose according to an Internet security firm - Websense. As with most worms you're perfectly safe if you follow basic Internet security rules i.e. don't accept or open unknown attachments! Websense indicates the worm has the following actions:

* users receive messages via Skype Chat to download and run a file
* the filename is called sp.exe
* assuming the file is run it appears to drop and run a password stealing Trojan Horse
* the file also appears to run another set of code that uses Skype to propagate the original file
* the file is packed and has anti-debugging routines (NTKrnl Secure Suite packer)
* the file connects to a remote server for additional code
* the original site has been black holed and is not serving the code anymore
* the number of victims is still TBD
* the original infections appear to be in APAC region (Korea in particular)

Individuals should pay particular attention to their security but fortunately companies installing and using Skype have an advantage. The Business Version of Skype enables network administrators to disable file transfer to remove temptation from employees clicky fingers.

Finally the best advice as ever (once again) is never accept or open files if you don't know where they came from and what they contain! A great website with advice on staying safe online is Get Safe Online which eBay sponsor