 | |
| |||||||
| Home | Register | Projects | Blogs | FAQ | Calendar | Search | Today's Posts | Mark Forums Read | Free Directory | Free DNSReport | Tags |
| Notices |
| Applications, Tools & Papers Discuss about security applications, tools, papers, etc... |
Skype SecurityThis is a discussion on "Skype Security" within the Applications, Tools & Papers part of the Computer Security: Discussions section; Hello guys! I'm back since many months to ask you if you are aware that Skype has been recently considered at the same level of a well done backdoor. It has been found that: - it connects to unknown IP ... |
 |
| | LinkBack | Thread Tools | Display Modes |
28-07-06
| |||
| |||
 Skype Security Hello guys! I'm back since many months to ask you if you are aware that Skype has been recently considered at the same level of a well done backdoor. It has been found that: - it connects to unknown IP during the night - it is packed with its own packer - it includes in the binary some anti-debugging technique to prevent from disassembling - it strongly encrypts ANY single byte it sends - it jams his network activity These are the most important signals that let us think it can hide some kind of backdoor like Sony and other manufacturer has done in the past. The same crew who were successful in disassembling part of the Skype binary is taking into consideration another aspect of this fact: what if a teenager come across to an exploit which let him have full control on the victim's machine with Skype installed? He will own one of the biggest botnet ever seen... Are you guys aware of any of these security threat linked to Skype? If you want to read the full analysis (PDF in English), drop me an email directly to: yogsotho@yahoo.com Tnx for help.... Yog-Sotho aka MoNNeZZa  |
| Sponsor | ||
| ||
| |
|
28-07-06
| ||||
| ||||
| I dont know and use skype a lot but there is probably many bugs in it, nice idea, I will maybe have a look at it soon. |
|
24-01-07
| |||
| |||
| just run it within vmware and do a packet log of EVERY thing it sends for 24 hours and see where it connects and what it sends spend a few days analyzing it and you MIGHT have a good idea not to mention all the plugins now available + the sdk is available so ppl can mask trojans as plugins and whatnot. have fun with the idea although it is plausible it seems like to much work. altho that was prolly said about the 1st rbot and so forth all it will take is determination to find a hole in it and you will find the most valuable exploit in your life. |
| Sponsor | ||
| ||
| |
|
| | |
| security, skype | |
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| CVE-2008-0028 (PIX 500 Series Security Appliance, 5500 Series Adaptive Security Appliance) | Heap | Advisories | 0 | 23-01-08 23:58 |
| CVE-2007-6386 (Trend Micro AntiVirus plus AntiSpyware, Trend Micro Internet Security | Heap | Advisories | 0 | 20-12-07 03:16 |
| CVE-2007-5775 (Total Security, Internet Security, AntiVirus) | Heap | Advisories | 0 | 02-11-07 14:53 |
| VERITAS = sleeping security response | class101 | Security discussions | 5 | 22-07-05 18:21 |
