September 3, 2009

Virus Can Eavesdrop On Skype Calls

Hackers and even possibly law enforcement agencies have a disturbing new cyber crime tool. A new virus allows them to listen in on voice conversations through the computer rather than a phone line.

A new "Trojan horse" virus that records Voice over Internet Protocol (VoIP) calls through the popular Skype service, now gives the ability to eavesdrop. Skype is a software application that allows the users to make free or low-cost voice calls between computers or from a computer to a phone.

At the end of June, there were reportedly about 480 million Skype users across the world. But not many are expected to be affected by the virus, since mass infections would require the cyber-criminals to listen to an unbelievable amount of audio recordings.

In the U.S, law enforcement must have a court order to eavesdrop on someone's Skype calls, but other countries might not have laws as strict for their intelligence agencies and authorities.

The virus, which has been referred to as the first "wiretap Trojan" by security firm Symantec Corp.,  does not aim for any particular weakness in Skype. It rather infiltrates parts of the Windows operating system that deals with audio processing. It then is able to intercept all of the audio data coming from Skype before it gets the chance to be encrypted by the software, according to Symantec's analysis.

The audio is saved as MP3 files, which can then be sent to the computers being controlled by the criminals.

"It's more interesting than dangerous," said Kevin Haley, director of Symantec Security Response. "It's an espionage tool. That's its clear purpose. It's not practical for any type of broad-based attacks."

The virus was designed and released by Ruben Unteregger, a Swiss programmer. He claims that he started researching on his own before it became a project for his employer, ERA IT Solutions.

The software company was reported by the Swiss newspaper SonntagsZeitung to have been working on a VoIP-cracking virus for the Swiss government in 2006. This was an account Unteregger claimed to be unable to confirm due to a nondisclosure agreement he signed for the project.

According to ERA IT Solutions, there was never an order from a government agency to develop the program, and that it stopped working on it when Unteregger left the company last year.

"This is Ruben's affair only," said company representative Riccardo Gubser.

Unteregger said in an e-mail interview with the AP that his goal in releasing the virus' programming code was to make people aware that "we are now becoming a surveillance society" and that "police Trojans are reality and questionable."


On the Net: