Last week Skype internet phone service didn't work for more than a day. This week, it's delivering a worm to users through a counterfeit IM buddy message, which -- surprise, surprise -- offers to show you a picture of a young lady with her clothes off. If you click it, it loads the worm on the user's computer, and sends the worm to everyone on your buddy list.
The Skype blog,
which descries the worm and calls it "w32/Ramex.A," says that three
anti-virus vendors have developed cures. F-Secure, Kaspersky Lab and
Symantec Corp. have already updated their products to catch it. The
same blog offers a manual fix, which it emphasizes is for experts only.
It involves deleting five .exe files, as well as deleting all entries
in a hosts file. The latter is necessary in order to get anti-virus
updates to resume.
Enterprises have long feared the damage Skype
hacks could do. Skype's peer-to-peer technology is particularly adept
at sneaking through firewalls unnoticed. Its encryption also makes
detection of damaging code especially difficult. On the other hand, its
use of closely guarded proprietary technology makes it harder to hack,
since there's no publicly available code for attackers to examine for
weaknesses.
I know it's pointless to recommend computer users stop looking at porn on the internet, so I'm going to have to recommend users stop having friends. Then you'll never open something from anyone on your buddy list. Problem solved.