Trojan in skype!

Our very own fight club!
Post Reply
User avatar
Lyecdevf
cyber Idi Amin
cyber Idi Amin
Posts: 1222
Joined: 16 Mar 2006, 17:00
18
Location: In between life and death.
Contact:

Trojan in skype!

Post by Lyecdevf »

Some wondered why would microsoft purchase skype as has been outlined in this article: http://www.wired.com/epicenter/2011/05/ ... s-skype-2/" onclick="window.open(this.href);return false;. What ever the reason now skype installs EasybitsGo.exe on your computer with out your permission. The easybitsgo.exe runns as a process even though you click deny in skype when it asks you if you allow it to run.

Easybitsgo have provided a way to get rid of it and that is by going here: http://www.easybitsmedia.com/support/RemoveGO.exe" onclick="window.open(this.href);return false;. However, that is a fake uninstall !!! Easybitsgo.exe is still goign to be on your computer. The only way to get rid of it for sure is to go under tools-options-advanced and uncheck "automatically stop extras" also click on the "manage other connections to skype" link on the bottom and remove Easybitsgames.

This malware seems to have hitchhiked in on a "trusted" program: Skype. So that means inside Skype, there's a trojan downloader. It bypassed all the windows authenticity checks, alerts, certificate of authenticity verification and user permissions. That the trojan downloader inside Skype bypasses all these Microsoft Windows security features seems intentional. Just because we found one trojan downloader installed by Skype, doesn't mean we found all the exploits. This downloader facilitated Easybits to make vast changes to the registry. Apparently, Skype also didn't test this software before pushing it over their service. Or they didn't care. http://threatexpert.com/report.aspx?md5 ... 792f23be45" onclick="window.open(this.href);return false; shows lots of file modifications and registry entries. Skype is a broadband conduit to the web and has hooks to facilitate program calls to this conduit. Any program installed under Skype has the potential to compromise all the data on the machine and all shared data on the LAN. Additionally, this trojan downloader inside Skype might be exploited by other hackers.

The more customer installations EasybitGo can claim, the higher the value of the company. With the impending purchase of Skype by Microsoft, Easybit would potentially be dropped, perhaps to be replaced by a Microsoft games product. They seem to have struggled to push out this untested malware (over a holiday weekend) to establish themselves as in important integral Skype feature. In a last ditch effort to become part of the new Microsoft VOIP and messenger product that evolves from the Skype purchase, they forced this installation on users even though only 30% of Skype customers ever use the Skype game features. That means they overstate their customer base by a factor of three. I think this abuse and unwanted publicity may assure they won't become part of the new Microsoft product.

Not a wonder that game sessions have jumped to over 7 million sessions. If you run Skype in the background when you don't use it you are probably generating loads of game sessions.

P.S. Now that microsoft is the owner you can expect more of this. I guess when they bought skype they thought they also bought the users!
We will either find a way, or make one.
- Hannibal

Post Reply