An Analysis of the Skype IMBot Logic and Functionality
2010/03/08
An Analysis of the Skype IMBot Logic and Functionality.
Publication Date
March, 08th 2010
Author
Christian Wojner, L. Aaron Kaplan
Language
English
History
You can download the full document in pdf format here.
Content
The following report analyzes the Skype Instant Messenger Bot ("Skype IMBot", a variation of the W32.Nytemare trojan) and reports our reverse engineering efforts. One peculiar aspect of Skype IMBot was the way it controlled Skype (and other Instant Messengers) - simulating user input and user keystrokes. This reminded us of a limited Turing Test: did the malware or a true user send the URL? The report covers the reverse engineering of the Skype IMbot, network logic and recommendations to CERTs, users and Skype. It closed with an outlook on further instant messenger bots.