My name is Chatosky – I spread with Skype

New worm spreading with Skype has been reported recently.

According to Websense Blog a message via Skype Chat is received.

* the filename is called sp.exe
* assuming the file is run it appears to drop and run a password stealing Trojan Horse
* the file also appears to run another set of code that uses Skype to propagate the original file

It appears that Symantec uses name W32.Chatosky when they released a description document about the worm.

The malware queries Skype for random users every three minutes and an error message is being displayed if there is no Skype installed to the system.

Update: This updated Websense information released on Tuesday states that it is a Trojan Horse, in fact:

  • Anna