Malware delivered via Skype IMs spreading

It's never a good idea to click on a link from anyone that you don't know, and even from people that you do know well, you should still take caution. Yet, a form of malware that is currently spreading to a number of PCs is being delivered via the Skype PC VoIP client using that method.

The GFI Labs website first reported the issue a few days ago when it began getting notices of IMs in the Skype client with a link to a URL. The report states that people who click on this link then download the malware to their PCs.

GFI states:

The file being offered up is most commonly known as “skype_02102012_image.exe”. Running the file will cause it to self delete and the infected PC will begin making DNS requests to a number of URLs, including a .pl, a .com and a .kz - we also saw references to IRC channel names in the network traffic and are investigating further.

News.com got a statement from Skype who says, "We are aware of this malicious activity and are working quickly to mitigate its impact." It added that Skype users should update to the latest version of their software as well as update their anti-virus software. Of course, Skype also recommends that users simply don't click on a link to any URL that looks odd, even if it seems to come from one of your own Skype contacts.

Source: GFI | Image via GFI

Report a problem with article
Previous Story

Windows 8 Acer Iconia W510 tablet priced at $500

Next Story

Windows Server 2012 Essentials hits RTM; launches Nov. 1st

19 Comments

warwagon said,
LOL. .. People actually click those? Also Sandboxie FTW!

It doesn't even bother exploiting any browser flaw.

It just ask the users to run the classic picture.exe thing. Used to work 10 years ago, still working today!

That kind of malware has always existed. Nothing new, no security flaw used to propagate. Nothing skype specific.

If it is from random people and / or in general it is a good idea to go into the skype options under security and select "Only allow people in my Contact list to contact me"

KSib said,
Getting people to run random exe's is that easy huh? Fun.

Unfortunately yes, that's why Apple turned off executing unsigned applications by default in Mountain Lion. A lot of people get infected from mail attachments or from executables downloaded from websites often because the antiviruses still doesn't detect them since the viruses are continuously updated.

In the case of firefox, you can't just click run. You have to click save and then double click the file and then tell it to run. On the plus side one of the only safety nets for some people with regards to firefox, is most people think the act of downloading the file is the same thing as installing it. So they download the file and think they are done, nothing else they need to do.

Quite a few times I would look in someones download folder who used firefox and I would see all these xpantivirus.exe files. Sometimes 3 or 4. I never understood how they weren't infected. But when a fake AV site prompted them to install it, they thought downloading it was enough.

Another customer couldn't open up power point files. So I told him all he has to do is download the power point viewer and install it and he should be fine. So he calls me back 30 mins later and says. It didn't work. I still can't open power point files. Ends up he downloaded it but never installed it.

"The report states that people who click on this link then download the malware to their PCs."

Really? Really!?!?

No wonder computing is getting more locked down by the day when these kind of users have no understanding of the technology they're using. Actually, its scary that people are allowed computers when they don't understand anything about them.

ShMaunder said,
"The report states that people who click on this link then download the malware to their PCs."

Really? Really!?!?

No wonder computing is getting more locked down by the day when these kind of users have no understanding of the technology they're using. Actually, its scary that people are allowed computers when they don't understand anything about them.

But to get infected they have to do more than just download it. They also have to RUN IT!

This is just MS's way to force you to update so you can get their newest version that gives you more ads to look at - stupid! I hate that MS took it over!

sava700 said,
This is just MS's way to force you to update so you can get their newest version that gives you more ads to look at - stupid! I hate that MS took it over!

Ya, MS forces malware via Skype to force you to download Skype.

Commenting is disabled on this article.