Hello guys!

I'm back since many months to ask you if you are aware that Skype has been recently considered at the same level of a well done backdoor. It has been found that:

- it connects to unknown IP during the night
- it is packed with its own packer
- it includes in the binary some anti-debugging technique to prevent from disassembling
- it strongly encrypts ANY single byte it sends
- it jams his network activity

These are the most important signals that let us think it can hide some kind of backdoor like Sony and other manufacturer has done in the past.

The same crew who were successful in disassembling part of the Skype binary is taking into consideration another aspect of this fact: what if a teenager come across to an exploit which let him have full control on the victim's machine with Skype installed? He will own one of the biggest botnet ever seen...

Are you guys aware of any of these security threat linked to Skype?

If you want to read the full analysis (PDF in English), drop me an email directly to:

yogsotho@yahoo.com

Tnx for help....

Yog-Sotho aka MoNNeZZa

I dont know and use skype a lot but there is probably many bugs in it, nice idea, I will maybe have a look at it soon.

just run it within vmware and do a packet log of EVERY thing it sends for 24 hours and see where it connects and what it sends spend a few days analyzing it and you MIGHT have a good idea not to mention all the plugins now available + the sdk is available so ppl can mask trojans as plugins and whatnot. have fun with the idea although it is plausible it seems like to much work. altho that was prolly said about the 1st rbot and so forth all it will take is determination to find a hole in it and you will find the most valuable exploit in your life.