A malicious worm has been spreading quickly among Skype users which may take over your computer and ask for ransom in order to release its content. The worm is spread through a Skype instant message which reads: “lol is this your new profile pic?” followed by a link to the supposed profile pic. When a user clicks the link, it will download a ZIP file which opens a back door, allowing remote control of the affected PC.
Not only does this worm take over your PC, it also sends the link to your contact list, so the message can come from people you know and trust. The malware can take over your entire PC, demanding $200 within 48 hours to release it and threatening to tell the US government that you’ve been downloading prohibited material unless you pay up.

Skype is already aware of the problem, and in an official statement, recommends “upgrading to the newest Skype version and applying updated security features on your computer”. As expected, they also recommend avoiding links that “look strange or are unexpected”, even when they come from people on your contact list.
So upgrade Skype, update your anti-virus software, and most importantly, use common sense when clicking links. This is not the first or last fake link you’ll receive from a friend; don’t be the one who sends it along.
Source: GFI
Image credit: GFI
I’m sorry, but I fail to understand how upgrading Skype would fix this kind of exploit. I understand upgrading your anti-virus, but it’s not Skype’s fault that users are running programs they shouldn’t trust.
Yeah, it’s just a standard response. In this case, you could probably get infected even with the latest version of Skype.
The updated version would contain a fix to patch the exploit/backdoor…
There is no exploit in the application. The virus takes advantage of people’s gullibility. The virus is asking people to download a .zip file and launch the executable inside it and the executable opens a backdoor in the infected computer. We’ve had viruses like this since forever spreading through email, but we got rid of most of them thanks to spam filters. This one is using Skype instead of email to spread itself. I’ve also seen plenty using Yahoo! Messenger.
Thanks for the information. I’ll keep an eye out for that, though I try to keep all of my software updated anyway.
Does the malware affect Linux users too?
Not as far as I know, but I’m not 100%. Shouldn’t click on suspicious links regardless of OS. :)
No, unless you have Wine installed and you explicitly set the +x flag (executable) for the file.
Awesome. Microsoft buys something, it gets infected by malware.
Thanks for the warning.
The best way to avoid virus infection would be to avoid downloading any suspicious files / links.
Thanks for the heads up, all these scammers and baddies could do so much good with their skills whereas I just want to shake them warmly by the throat! :)
great info I’m upgrading now
just don’t click on anything you KNOW was meant really for you
Good job I updated!
Just can’t get away from the evil virus, but keeps some people employed
Informative article! Thanks for the heads up!
safe mode+antymalware bytes = problem solved
If you copy the link and paste it on a browser, would it still work?
I think I’ve read somewhere that you should copy links and paste them on your browser, not click them, if you’re being careful. What’s the rationale behind that?
You’d do better to simply ignore suspicious links. As far as I know, copying and pasting in the browser would still have the same effect as clicking, at least most of the time.
In general, it shouldn’t be that hard to distinguish between real links and spam. If you really can’t make up your mind if it’s real, don’t risk it. Just ask the person who sent it if they really sent it.
Don’t most viruses come from (or through) people you know? Email, Facebook, blogs …? Isn’t that why it is spread so quickly?
Yes, it does work that way many times. Despite that, viruses continue to use this to spread, so it’s important to make it clear again and again.
Good thing I don’t use Skype.
The main point to prevent this is using your logical thinking.
That sucks! I upgraded, have Ariva Premium, so I hope that is enough!!!
Upgrading skype sounds like a lame solution to a problem that requires some major ass haul on Skype’s end. A more effective solution would’ve been for the skype team to either send email alerts to this issue to the users or better yet, some sort of a message in the status bar within skype (you know, the one which for some reason keeps you updated on the number of online users).
Agreed. Updating is usually the recommended solution, but many times it’s useless for threats such as this one. I think an up to date anti-virus is a much more sensible and important recommendation, in most cases.
Update has come to fix it
I will upgrade my Skype app now that I’ve read this.
good to know
I’m not sure I understand the question. In any case, the point is to not click any links you’re not completely sure about.