A new malware program is attempting to steal users' passwords, pretending to be Skype Defender, an application supposed to protect your VoIP client. Skype's developers confirmed the threat and sustained that several antivirus providers including F-Secure and Symantec already updated their softwares in
order to detect and remove the malware. The threat is distributed as 65404-SkypeDefenderSetup.exe, an executable which was identified as Infostealer, a Trojan horse attempting to steal your username and password. After the installation is completed, it will open a login screen, similar to Skype's which will require you to enter the account information.
"Skype Defender Installed! Please login to your account to apply new plugins," a message box displayed after the installation is complete reads. Please note that you can easily discover the malicious Skype login screen from the 'Sign in' button which looks different from the original one. Once you write your username and password, the Trojan horse informs you that your Skype name and password were not recognized but the information was actually sent to a secret website.
"Some Windows users have been affected by a malware program that imitates Skype software and attempts to steal sensitive information. 65404-SkypeDefenderSetup.exe is classified as an Infostealer, that is, a Trojan horse program that attempts to steal sensitive information such as login credentials," it is mentioned on the Skype blog.
"To remove the malware, please update your anti-virus software. At this time, we have notified F-Secure, TrendMicro, Symantec, WebSense, and FaceTime Security Labs. For manual removal it is enough to delete the 65404-SkypeDefenderSetup.exe file."
The folks from F-Secure sustained they already updated their virus definition and their antivirus technology identifies the threat as Trojan-Spy.Win32.Skyper.B. However, you're still advised to update your antivirus protection and avoid downloading a potential Skype Defender because it might harm your computer.