Sophos呼籲各界重視IM安全如Skype蠕蟲

Skype worm leaves Sophos users unfazed

September 12, 2007 – Sophos, a world leader in IT security and control, says that a recent worm outbreak on the Skype network highlights the importance of proactive virus protection. The worm, which has been seen spreading via Skype's instant messaging system, has not managed to infect Sophos users who were proactively protected against the threat without requiring an update.

The W32/Pykse-C worm (also known as Ramex, Skipi or Pykspa) spreads via Skype's chat system in a variety of languages including English, Russian and Lithuanian. Recipients of the instant messages are invited to click on a link to what they believe will be a .JPG picture, but is in fact a downloadable executable.

However, unlike many other anti-virus vendors, Sophos did not have to issue an update to protect its users against the malware as Sophos's Behavioural Genotype® Protection technology was already able to proactively identify it as Mal/Behav-103. Users of other vendors' products are recommended to update their protection and ensure that they are defended from the threat.

“Hackers are becoming more inventive in their attempts to infect PC owners. Sophos's millions of users weren't affected by this latest attack because our proactive protection intercepts the attempt to infect PCs without requiring an update,” said Graham Cluley, senior technology consultant at Sophos. "With so much money to be made, the hackers aren't going to stop trying to break into PCs anytime soon. Everyone needs to take safety seriously online, which includes ensuring that a secure defense is in place.”

Skype has published information on its blog about the worm outbreak

The latest incident is not the first time that Skype has raised questions for system administrators tasked with securing their networks. In April, Sophos reported how malware was spreading via Skype offering pictures of a scantily clad model wearing stiletto high-heeled shoes. Last year, Sophos conducted a poll of system administrators which revealed that 86.1 per cent of those who expressed an opinion wanted the power to control use of VoIP in their companies, with 62.8 per cent saying blocking was essential.

“The fact that Skype also contains an instant messaging component also raises concerns for system administrators, as it is potentially an avenue for data leakage as well as malware infestation,” continued Cluley. “More and more companies are setting a policy as to what instant messaging client is to be used in the business, and whether it can be used for communicating with the outside world.”