Malicious software disguised as Skype Defender

Skype warns users password-stealing Trojan horse is making the rounds, disguised as a Skype security plug-in.

Skype is sounding the security alert, and users should take note before using the Internet calling service.

A Trojan horse disguised as Skype Defender, a security plug-in, is making the rounds, according to a Skype security blog.

The malicious software, which affects Windows users, steals Skype log-on and password information once the program is executed. Similar log-in credential information saved in Internet Explorer is also gleaned by the Trojan horse.

If a user installs the bogus security plug-in, a malicious "Skype Defender" confirmation window pops up and asks the user to log into his or her Skype account. After typing in the sensitive information, the user is notified that the relevant name and password were not recognized.

Users, however, can watch for a key difference between the legitimate Skype log-in window and the malicious one, security research firm F-Secure advised. A red box appears around the legitimate Skype sign-in button, F-Secure noted.

The Skype security issue may spill over to users of eBay, auction giant that now owns the VoIP service.

About the author

    Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    A roomy range from LG (pictures)
    This plain GE range has all of the essentials (pictures)
    Sony's 'Interview' heard 'round the world (pictures)
    Google Lunar XPrize: Testing Astrobotic's rover on the rocks (pictures)
    CNET's 15 favorite How Tos of 2014
    CNET's 15 most popular How Tos of 2014