Malware turns Skype into spyware

Next story
Olivia Storey

SKYPE internal browser has been exposed to an exploitation, labelled “SPYKE”.

The exploitation, according to research, targets the Skype application that has an embedded Internet Explorer browser used for authentication.

The hackers’ phish the Skype credentials by creating a legitimate looking login page, which is inside the Skype process. Skype is then ultimately turned into SPYKE, which is the malicious process, and affects any SKYPE installation, as long as the attacker has local access to the login screen of a running skype.

The exploitations is sidestepping the normal authentication process and abusing the login via Facebook function to steal credentials, execute code, and cover communication traces, as it can also communicate with the outside world to decode key strokes or even sound.

The vulnerability is most likely in Microsoft Operating System but other OS’s might also be vulnerable.

There are advanced attacks on the more vulnerable Skype systems, which can cause skype to crash and leads to a code attack on the Operating System so they can perform “local privilege escalation attacks”.

Mark James, ESET IT Security Specialist, talks about how to protect yourself and stay safe against advanced phishing attacks like SPYKE.

“Any attack that can potentially steal your login credentials is bad.

“When you’re presented with a login page within the application, the chance of a successful phish is extremely high.

“When this fake page is shown, a level of trust has already been gained, so putting your credentials in could seem like a normal thing to do.

“Once you have entered your details, they almost certainly will be used elsewhere.

“Distribution of spam or malware from your Skype account could lead from this attack.

“Ensuring you’re on the latest version of Skype will protect you from this particular attack, specifically versions older than SKYPE Client should be updated immediately.

Keeping all your software up-to-date is the best way to keep safe. It is something you hear all too often, update this, update that, but the bad guys never sleep.

“There is always someone looking for the next vulnerability and or exploit.

“Having a good regularly updating internet security product and the latest Operating System will all help in your multi-layered security approach.


Have you ever fallen victim to a phishing website that looked like the real thing? Let us know on Twitter @ESETUK.


Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.