A new password-stealing Trojan that targets Skype is on the loose. It poses as a security plug-in for the popular VoIP service but instead presents its own log-in screen to steal your user name and password.
A new password-stealing Trojan that targets Skype has been spotted in the wild. It poses as a security plug-in for the popular VoIP service but instead presents its own log-in screen to steal your user name and password.
The Trojan calls itself "Skype-Defender," and other than attempting to steal your Skype user name and password, it also swipes clean all user names and passwords saved in Internet Explorer.
The malware isn't spreading by itself. Rather, its author is posting it on "dodgy" sites or forums and relying on users to be tricked into executing it. After execution, the Trojan disables running instances of Skype and swaps in its fake Skype log-in window. If the victim enters a user name and password, the malware captures them and any others saved in IE and posts the information via HTTP to a Web site for the malware author to retrieve.
One way to distinguish the Trojan is that none of the hyperlinks work on the fake log-in screen. Also, the Trojan has a sign-in button with a metallic gray border, whereas Skype's log-in button has a red border.