Skype Defender malware alert
By
Villu Arak on October 16, 2007.
Some Windows users have been affected by a malware program that imitates Skype software and attempts to steal sensitive information. 65404-SkypeDefenderSetup.exe is classified as an Infostealer, that is, a Trojan horse program that attempts to steal sensitive information such as login credentials.
When executed it displays a confirmation window with the following text, "Skype-Defender(TM) Installed! Please login to your account to apply new plugins".
When the user clicks the OK button, the malware displays what looks like a Skype login screen, but which has a different-looking sign-in button.
When the user enters the Skype username and password, the malware displays a message saying that the name and password were unrecognized.
The malware collects the entered Skype username and password, as well as all usernames and passwords saved in Internet Explorer, and sends them over to a website that collects this stolen data.
To remove the malware, please update your anti-virus software. At this time, we have notified F-Secure, TrendMicro, Symantec, WebSense, and FaceTime Security Labs. For manual removal it is enough to delete the 65404-SkypeDefenderSetup.exe file.
When the user clicks the OK button, the malware displays what looks like a Skype login screen, but which has a different-looking sign-in button.
When the user enters the Skype username and password, the malware displays a message saying that the name and password were unrecognized.
The malware collects the entered Skype username and password, as well as all usernames and passwords saved in Internet Explorer, and sends them over to a website that collects this stolen data.
To remove the malware, please update your anti-virus software. At this time, we have notified F-Secure, TrendMicro, Symantec, WebSense, and FaceTime Security Labs. For manual removal it is enough to delete the 65404-SkypeDefenderSetup.exe file.
