Malicious worm targets Skype users

By Sooraj Shah
10 Oct 2012 View Comments

Internet communication platform Skype has been hit by worm malware that could infect Windows PCs.

When users of the communication platform click on an instant message that says "lol is this your new profile pic" they instantly download Trojan malware.

Further reading

According to security firm Sophos, the worm is a variant of Dorkbot, which lets hackers take control of infected Windows PCs remotely through HTTP by exploiting the Skype API. After the user clicks on the link, they automatically download a ZIP file that contains malicious executable files.

Graham Cluley, senior technology consultant at Sophos, said that the malware could allow a hacker to use the victim's PC in a botnet.

"Before you know it, your computer has been recruited into a botnet, and could fall victim to a ransomware attack," he said.

Ransomware is a type of attack where the malware creator demands payment to remove the restrictions imposed on the PC by the malware.

In a statement, Skype said that it takes the user experience, and in particular security, very seriously and is working on reducing the damage that can be inflicted by the malware.

"We are aware of this malicious activity and are working quickly to mitigate its impact. We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer," the statement said.

In a blog, the firm also advised users to keep their PC or device security up to date with the latest anti-virus software.

Meanwhile, Microsoft, which acquired Skype in 2011, has released seven bulletins as part of its monthly patch updates.

Only one of the bulletins was rated critical and applied to Microsoft Office and Server Software.

The MS12-064 bulletin states that a privately reported vulnerability in Microsoft Word could allow remote code execution.

"The vulnerability could allow remote code execution if a user opens or previews a specially crafted RTF file. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user," the bulletin reads.

Reader comments
blog comments powered by Disqus
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

39 %
26 %
14 %
21 %