Skype Users Targeted by Malicious Worm
Skype Users Targeted by Malicious Worm that locks them out of their PCs
The worm attempts to spread by spamming messages to a victim's contact list.
by Dan Goodin -arsetechnica
Black Hat
Security researchers have detected a new malware campaign that attempts to infect Skype users by sending them booby-trapped links from contacts in their address book.
The social-engineering ploy, which was first reported on Friday by GFI Labs, attempts to install a variant of the Dorkbot worm that previously menaced users of Twitter and Facebook. Once installed, it uses its host computer to engage in click fraud, Trend Micro researcher Rik Ferguson reported later. It eventually installs software that locks the user out of the machine and displays screens saying their data will be deleted unless a $200 "fine" is paid in the next 48 hours.
According to a separate report from Sophos, the malware campaign is "taking advantage of the Skype API to spam out messages such as "lol is this your new profile pic?" along with a malicious URL.
Skype officials have said they are "working quickly to mitigate" the attack. They also advise users to ensure they're running the most up-to-date version of the Skype client. Although the recent attacks appear to target Windows computers, Ars readers are reminded that Mac versions of Skype have also been known to put users at risk.
|