Skype Botnet Scam Targets Windows Users
A worm with its sights set on Windows computers is making its way across the Internet through Skype instant messages, security experts warn.
The message contains a shortened link and a garden-variety phishing scam line: "Lol is this your new profile pic?"
Clicking the link triggers a ZIP file to download. Once the file is unzipped, a Trojan copies itself to the hard drive, opens up a backdoor and loads malware known as the Dorkbot worm from a remote server. Once on board, the worm enlists the compromised computer into a botnet.
The worm also has the potential to lock PC users out, holding their files for ransom unless they agree to pay the extortionists within a short period of time, Forbes reports.
According to related posts in the Skype community support network, the malware takes advantage of Skype's programming interface in order to automatically blast the malicious link to all of the compromised accounts’ contacts.
In an email a Skype spokesperson said they were aware of the issue and working to mitigate the impact as quickly as possible. "We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer," they said.
The Dorkbot attack has been spreading over Facebook and Twitter for the past year, Sophos' Naked Security blog reported. The attack can also spread via USB drives and other instant messaging services.
No matter what service, application or website you use to communicate, always do so safely. While we usually know who's at the other end of a conversation, there's no way to know for sure. Even messages from people you trust could contain malicious links. "Following links – even when from your contacts – that look strange or are unexpected is not advisable," the spokesperson said.
Your friends may not wish to harm you or your computer, but someone else with access to their accounts might.
Update: This story has been updated to include comments from Skype.
Follow Ben on Twitter @benkwx.