Spyware authors have crafted a new attack that poses as an invitation to Turkish people to try Skype, the popular IP telephony application. Instead of being able to download the popular VoIP application, punters responding to Turkish-language emails containing the bogus offer will be directed towards a fake site.

This bogus site contains a malicious file, skypekur.exe, posing as Skype software. If executed, the malware application installs multiple password recovery tools designed to harvest passwords from IM applications, email clients, and FTP programs on compromised machines. Passwords, once extracted, are sent to hackers for later abuse.

Malicious emails punting the bogus offer were intercepted by net security firm SurfControl earlier this week. Malware posing as Skype software is rare but not unprecedented. This attack is doubly unusual because most malware solicitations are written in English. By targeting Turkish users of Skype, ne'er do wells have developed a niche-form of social engineering attack targeting an audience that's less familiar with malware. ®

Related stories

• Turkish s'kiddies deface security forum (17 December 2007)
• Skype IM malware smut surfaces (16 April 2007)
• Warezov worm fiends target Skype (28 February 2007)
• Security vendors talk up VoIP threats (9 January 2007)
• Hackers call on Skype to spread Trojan (20 December 2006)
• Skype patches Mac OS X flaw (4 October 2006)
• US Robotics ships Skype-ready USB handset pair (15 August 2006)
• Say hello to the Skype Trojan (18 October 2005)
• Zotob suspects arrested in Turkey and Morocco (30 August 2005)
• Sober infected PCs spew right-wing 'hate spam' (16 May 2005)
• Virus 'talks' to victims (13 September 2004)