This article is more than 1 year old
Skype worm chats up victims - then holds PCs to ransom
U mad lol?!
A worm that locks Windows PC users out of their computers unless they pay a $200 ransom is rapidly spreading via Skype.
Once it has secreted itself into a machine, the malware tricks further victims into installing it by using the Microsoft-owned VoIP software to send messages that read "lol is this your new profile pic?" The malicious missives, dispatched to the infected user's contacts, include a shortened goO.gl link to a zip file hosted by Hotflie.com.
This archive contains an executable that, antivirus biz Sophos says, installs a variant of the Dorkbot worm and recruits the compromised machine into a botnet army.
Left to its own devices, the worm may switch to its ransomware mode, locking the punter out of his or her computer and inform them that all their files have been encrypted and will be deleted unless a $200 payoff is forthcoming.
Previous Skype scams have also spread through bogus links in the software's instant messaging client.
Graham Cluley, a senior technology consultant at Sophos, added: “Skype users may be less in the habit of being suspicious about links sent to them than, say, Facebook users."
Trend Micro said some 400 computers were infected in the first 24 hours of the worm outbreak last Thursday. Skype said in a statement:
Skype takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact. We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer.
The chat biz recommends users do not click on "strange or unexpected" links. ®