Websense Security LabsTM has discovered a new set of the Warezov/Stration malicious code. This new code is currently spreading through the Skype network. Although the code itself is not self-propagating, when it runs, a URL is sent to all users within the user’s Contacts List.



This attack appears to be the same as the version mentioned on the FSecure Blog Feb 27th,
http://www.f-secure.com/weblog/archives/archive-022007.html#00001126,
but with new URL information and a new version of the malicious code.

Skype users receive a message that says “Check up this,” with a URL containing a hyperlink. When users click on the link, they are redirected to a site that is hosting a file named file_01.exe. Users are prompted to run the file (note: there is no vulnerability within Skype). If the user runs the file, several other files are downloaded and run.

http://www.websense.com/securitylabs/alerts/alert.php?AlertID=757