Source code of Skype covert tap released
On his website Megapanzer.com, Ruben Unteregger, a Swiss software developer has released the source code of a program for tapping into encrypted Skype conversations. The program can be injected into a PC as a trojan. According to the Unteregger, the successfully injected trojan hooks into active Skype processes, secretly records the audio data of conversations and transmits it to an external server as MP3 files.
Back in 2008, the CCC published a letter claiming that the Bavarian legal authorities and police had used a similar program made by a company called DigiTask; despite requests for clarification, the allegation was never denied. In Switzerland, a program made by vendor ERA IT Solutions has reportedly been used for the same purpose. Unteregger claims that he was employed with this very vendor for several years, working predominately on "malware stuff". Unteregger says that by making the spying software available under the GPL, he hopes to cast light onto this dark subject.
Riccardo Gubser from ERA explained to The H's associates at heise Security that "the know-how for this development was introduced to the company by R.U. and it disappeared with his exit from the company." Apparently Ruben Unteregger, was not only a developer at ERA IT, but one of the main shareholders and member of the management at the company.