Malware miscreants have created the first worm targeting Skype that's also capable over other instant messaging networks, such as MSN and ICQ.

The unnamed worm poses as a chat message linking to a website, as with other example of Skype-spreading malware before it. This malicious website contains a .pif file, that poses as "photos". Users tricked by this simple ruse will find themselves infected by the Stration worm, a mass mailer that also attempts to foil attempts to remove it by blocking access to security-related websites, and other items of malware.

Skype contacts of users infected by the worm get sent a message pointing to the hacker-controlled website. This is all fairly standard.

The twist comes via an attempt by VXers to hedge their bets. One of the files dropped onto infected PCs checks to see if a number of different instant messaging programs are installed.

Although the main vector for infection is Skype, the malware also attempts to spread by punting messages across MSN and ICQ, according to an analysis of the malware by researchers at IM security firm FaceTime Communications.

"The infection checks the registry for evidence of programs like AIM, Trillian, Yahoo Messenger, Miranda and ICQ - however, so far we've only seen it fire a message to an ICQ and an MSN Messenger Client," writes Chris Boyd, director of malware research at FaceTime. "The main target appears to be Skype with regards a delivery mechanism for the messages sent, but the potential for the infection to leap across various networks is obviously there."

FaceTime speculates that the cross-network IM worm is probably the work of the same VXers who created early Skype worm. The latest IM malware menace once again emphasises the importance for users to think before they click. ®

Related stories

• Trillian blighted by security bug trio (23 May 2008)
• Polyglot worm spreads over MSN (23 January 2008)
• Skype Trojan steals login credentials (17 October 2007)
• Yahoo! In! Ninth! Circle! Of! Security! Hell! (20 September 2007)
• Skype worm blows bubbles at victims (11 September 2007)
• Yahoo! battered by second ActiveX vulnerability (3 September 2007)
• MSN Messenger flaw creates web cam peril (30 August 2007)
• Yahoo! Messenger! users! face! attack! by! video! (16 August 2007)
• Updated: Skype hangs up on users (16 August 2007)
• Nokia swallows Skype on tablet deal (11 July 2007)
• Text bug blights Trillian (19 June 2007)
• Yahoo! fixes bug that gave free rein to user accounts (15 June 2007)
• Skype goes out to mobile phones (11 June 2007)
• Yahoo! patch squashes messenger bug (8 June 2007)
• Brinkster.com battens down the hatches (24 May 2007)
• Skype IM malware smut surfaces (16 April 2007)
• Warezov worm fiends target Skype (28 February 2007)
• Skype woos sysadmins with FaceTime software (1 February 2007)
• Hackers call on Skype to spread Trojan (20 December 2006)
• IM worm installs rogue browser (22 May 2006)
• AOL IM worm roots around Windows PCs (31 October 2005)
• NSFW Skype honeypot snares dirty IMers (6 September 2005)