Symantec: Posted code enables VoIP spying

[Brian Warkoczeski]

Symantec: Posted code enables VoIP spying

by Larry Magid

September 2, 2009

www.cnet.com

Along with keyloggers that track what you type, now we have to worry 
about malicious software that listens in on our voice over Internet 
Protocol conversations.

A Symantec security blog on Thursday disclosed a new Trojan horse, 
Tojan.Peskyspy "that records VoIP communications, specifically targeting 
Skype." The posting, based on analysis from Symantec's Karthik Selvaraj, 
pointed out that "its existence isn't due to any problems with Skype 
itself" but that Skype may have been targeted "simply because it has 
such a large install base."

Gerry Egan, Symantec's director of security response, says the Trojan is 
capable of "hooking...through some Windows APIs into some audio streams" 
that "can be intercepted, turned into MP3 files, and then sent over a 
remote channel to a remote electronic eavesdropper."

For rest of the article, see:

http://news.cnet.com/security/?tag=hdr;snav