News of a threat that supposedly propagates via the popular VoIP application Skype zoomed through the security industry earlier this week. Its supposed spreading capability classified the threat as a worm. However, based on its analysis, Trend Micro saw only an information theft routine characterizing the Skype threat as a Trojan spyware and detected it as thus ( TSPY_SKPE.A).
After working with the Skype security team, Websense, who first raised the alert, confirms that the threat is indeed a Trojan attempting to use the Skype API for its malicious activities.
Note that, as of this writing, Skype has no known vulnerability and that the Web sites where the Skype code and copies of the Trojan can be downloaded from are all unavailable.