What is a wiretap Trojan?
A wiretap Trojan is a program that surreptitiously records VoIP calls.
In August 2009, Symantec issued a security bulletin about Trojan.Peskyspy, a wiretap Trojan that targets Skype calls. Peskyspy uses Windows API calls to access sound from audio devices. The Trojan intercepts Skype audio before it is encrypted, converts the audio stream into an MP3
According to Kevin Haley, director of Symantec Security Response, a wiretap Trojan is an espionage tool that's intended for targeted attacks rather than widespread infection -- the intruder would simply have to sort through too many calls to make any broader use practical.
Ruben Unteregger, a Swiss programmer, developed Peskyspy. Unteregger said he released the code to make the public aware that "we are now becoming a surveillance society" and that "police Trojans are reality and questionable."
Learn More About IT:
> Whitfield Diffie and Susan Landau write about Internet eavesdropping and related issues of espionage, privacy and security.
> Jordan Robertson writes about wiretap Trojans.
> SearchSecurity Asia reports on Symantec's discovery of the Peskyspy Trojan.