"Things can potentially get passed out of an organization using Skype because the messaging communications are encrypted and hard to fiddle with. That could be one of the angles," Boyd said. "It's just interesting that the attacks we saw for several months have been so consistent, and now there's this significant change in targeting different networks. I think we'll see more editions in the coming weeks and a substantial attack on Skype users at some point."
In late March 2007, researchers at F-Secure first unearthed a Skype worm variant that attempted to trick users into visiting a Web site that downloaded a malware program which was designed to communicate to hackers over a Yahoo mail server to confirm its infection and load additional programs onto affected PCs.
Variants of the attack, which subsequently tried to infect users with keystroke logging software and other data-thieving programs, have continued to appear since that time.
Tony Magellanez, a systems engineer at Helsinki, Finland-based F-Secure, said that such a move by hackers to port their IM-based threats to VoIP software should come as no surprise.
"Chat has obviously been around forever, and the ability to share information via these tools has opened it up to the types of attacks we're seeing," Magellanez said. "The attacks aren't being made against any vulnerability in the software but instead against the social aspects of its use that make it an attractive target."
The researcher said, in fact, that the Skype application in particular has exhibited a small number of vulnerabilities and proven fairly resistant to malware threats, a performance he attributes to significant work on the part of the company to engineer the system with security in mind.
Other researchers echoed that sentiment but pointed out that most large businesses will still likely adopt VoIP tools designed specifically for the enterprise and avoid publicly-available programs like Skype out of fear for potential attacks.
"At this point, we're really just talking about VoIP as a transport vector for attacks as is the case with the Skype worm attacks, which is predictable when you consider other IM-based threats," said Chris Hoff, chief technology officer at Crossbeam Systems. "Like anything else, when VoIP becomes a more legitimate pathway for attackers to go after monetary systems, they will come after it, but it also seems like businesses are taking a more pragmatic approach to adopting VoIP when it comes to security."
For instance, Hoff said most companies are running their VoIP systems on standalone networks to make it harder for hackers to access the programs and protect availability of their calling capabilities. Such planning should make a big difference as more dangerous VoIP threats are created, he said.
Tom Cross, a researcher with the X-Force team at IBM's ISS division, agreed that Skype is in some sense becoming a victim of its own success with the recent emergence of more worms. In addition to a rapidly increasing number of users, the researcher also attributed greater e-mail and IM security awareness among customers as a reason for the uptick in activity.
"From a technical standpoint, these worms don't really have anything to do with VoIP, it's being targeted just as any other popular communications tool will be," Cross said. "Hackers are also moving to different technologies to perform their attacks because we've gotten better at detecting them on other platforms; spam and e-mail don't work as well for the attackers anymore, so VoIP offers a new opportunity where end-users may not be expecting this type of threat, yet."