Feeds

Skype worm chats up victims - then holds PCs to ransom

U mad lol?!

Top three mobile application threats

A worm that locks Windows PC users out of their computers unless they pay a $200 ransom is rapidly spreading via Skype.

Once it has secreted itself into a machine, the malware tricks further victims into installing it by using the Microsoft-owned VoIP software to send messages that read "lol is this your new profile pic?" The malicious missives, dispatched to the infected user's contacts, include a shortened goO.gl link to a zip file hosted by Hotflie.com.

This archive contains an executable that, antivirus biz Sophos says, installs a variant of the Dorkbot worm and recruits the compromised machine into a botnet army.

Left to its own devices, the worm may switch to its ransomware mode, locking the punter out of his or her computer and inform them that all their files have been encrypted and will be deleted unless a $200 payoff is forthcoming.

Previous Skype scams have also spread through bogus links in the software's instant messaging client.

Graham Cluley, a senior technology consultant at Sophos, added: “Skype users may be less in the habit of being suspicious about links sent to them than, say, Facebook users."

Trend Micro said some 400 computers were infected in the first 24 hours of the worm outbreak last Thursday. Skype said in a statement:

Skype takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact. We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer.

The chat biz recommends users do not click on "strange or unexpected" links. ®

Combat fraud and increase customer satisfaction

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.