Skype users are being targeted by a worm that downloads malware to their PCs, and may even demand money to regain use of their machines.
The malware Trojan allows hackers to take control of infected computers and use them as part of botnets, but security researchers have warned that the Trojan can also download "ransomware" to infected PCs.
Affected users risk being locked out of their computers, and forced to hand over money in order to regain access to their data.
The Skype worm spreads by convincing users to click on messages with a link to the malware. The link usually refers to a user's new profile picture, with text such as "lol is this your new profile pic?".
According to security researchers at security vendor Sophos, the link then downloads a zip file, which contains a Trojan. The Trojan allows hackers to control the infected PC remotely over HTTP. The malware, according to Sophos' Graham Cluley, is a version of the Dorkbot worm.
The worm has been spreading for some time via other social networks including Twitter and Facebook, and could also spread via USB sticks, Cluley warned. But Skype users might be less wary of clicking on links than users of services such as Facebook, he suggested.
"We are aware of this malicious activity and are working quickly to mitigate its impact," the company said in a statement. "We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer. Additionally, following links - even when from your contacts - that look strange or are unexpected is not advisable." Skype has also issued more detailed security advice to its users.
So far, only Windows PC users appear to have been targeted by the attack.
-
The evolving role of the CISO and how it impacts channel partnersIndustry Insights The traditional IT sales cycle is being rewritten as CISOs emerge as the most important stakeholders for channel partners to align solutions with
-
How businesses can use storytelling to drive AI adoption among their workforceMany employees are still resisting AI tools, but narrative-led communication is more likely to get their buy-in than data and spreadsheets
-
Ransomware cartels are fragmenting into volatile splinter groups, warns Met Police cyber chiefNews Commoditized "cyber crime bazaars" and AI data mining are forcing law enforcement to rewrite its playbook
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
North Korean hackers are duping freelance developers with fake interviews to steal cryptocurrency and deliver malware — Sophos warns the 'Nickel Alley' group is using LinkedIn, Upwork, and Fiverr to target victimsNews A fake interview process uses coding tests and repo downloads to deliver malware
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation
-
Security leaders overconfident about ransomware recovery
News Few manage to recover all their data, and many experience business disruption
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
