This is an important update provide to me by Regina Smola, my dear friend who is a Computer Security Expert. (Update has been tweaked by me to clarify a few things for you.)
The News: If you get a link in Skype from a FRIEND that you KNOW or FAMILY member that looks like the screenshot below – DO NOT CLICK IT. Please read to protect yourself.
Skype Virus Alert- Spread through Links from Family & Friends
I use Skype on a daily basis to communicate not only with friends, but also clients and important business connections.
But unfortunately, there are reports that a virus is spreading through Skype.
Your business associates, or even a family member can accidentally (and unknowingly) send you a link that infects your computer. That’s exactly what is happening. On October 8, 2012 a new virus affecting Skype users was discovered and it’s being reported all over the Web, including CNET, and Mashable.
Your legitimate contacts are not sending those links to you on purpose. It is very likely they they have been infected, and that they have no control whatsoever over their system. In fact, it’s possible that their computer is even being held under virtual lock-and-key for monetary ransom.
How Do you Get The Virus?
As of October 8th 2012, people have been allegedly receiving automated messages from what appear to be automated bots (Dorkbot Worm) with the socially-engineered message: ” Lol is this your new profile pic?” with a link to what might appear to be a legitimate zipped image. (see image)
This bot is very clever and spreads through a few computers to begin with, and then automatically targeted contacts in the infected user’s Skype contact list. As these contacts receive the automated messages, many of them wouldn’t think twice about opening the link because they are receiving the message and link from an established (possible credible) contact on their “friend” list.
If you click the provided link, you would download a .zip file. Upon opening the zip file, an executable file could infect your computer.
To many people, this would be a sign that something is wrong; however if you have extracted the file and your Anti-Virus system hasn’t kicked in and blocked the file, or it is a zero-day attack (no cure has been discovered yet), it is likely too late.
The link being circulated is also socially-engineered to fool users into thinking that it is legitimate. The structure is as follows:
(link not clickable for your protection.)
Looking at the structure of the link, we first see that the URL appears to be a Google shortlink. Then we see some random numbers and letters in an alphanumeric format, which is characteristic of any typical link. The most socially-engineered part of the link is that the final portion appears to be an image (img), and also implies that the image (img) has something to do with the user in question (in this case, John Smith). This can easily fool even the most seasoned user into thinking that the link is legitimate.
What does the Virus Do?
This virus is commonly known as “ransomware.” It essentially holds the victim’s computer hostage until the victim agrees to pay a fee of $200 to access his/her (now locked) filesystem within 48 hours.
Obviously this means that the perpetrator has full access to not only the victim’s personal files, but also any saved passwords the victim may have stored in their system. The malware (Worm Virus) has a multi-tasking feature designed to specifically steal usernames and passwords to social networking sites and PayPal accounts.
And to take it even further, this multi-tasking virus turns infected servers into “botnet” servers to perform DOS (denial of service) attacks on targeted websites, and continues to downloading further viruses on the (already infected) computer.
Once a user is infected, the virus will not only hijack the user’s system and hold the files for ransom while stealing the user’s passwords but will also begin to send similar messages over Skype to all people on the user’s contact list in order to keep the virus circulating. Yes, you then spread the virus to your loved ones, as well.
How Can You Protect Yourself?
All Skype has said about this infection so far is that users need to -
- keep Skype updated,
- keep computer system updates that you should be regularly maintaining.
- They also said not to click on any links that may look suspicious, even coming from your established contacts. (EVEN FROM YOUR OWN MOTHER!)
Skype Security and Computer Rescue Kit
Regina put together a Skype Security and Computer Rescue Kit. She and her staff spent a lot of time on it, but they are selling it at a very low price to get it into as many hands as possible. I’m including a bonus to make sure you grab it so you’re safe.
Here’s what’s included:
- Computer Security Essentials: 7 Steps You Must Take to Protect Your Computer from Malicious Attacks
- Printable Emergency Virus Recover Plan for Windows Computers (Hang this by your computer in case of emergency.)
- Skype™ Safety Plan – Keeping your Skype Installation Secure
BONUS! If you buy the course, I will also give you my Protect Your Online Business Course that is currently being sold for $15 here.
- Just order through the big button below.
- Then send us your receipt and we’ll get you hooked up.
Here’s more about Regina just so you know why she is the one I turn to when I have a security question.
Regina Smola is a sought-after WordPress Security Expert, Speaker, Author and owner of WPSecurityLock.com.
She has helped thousands of WordPress users tighten security on their WordPress blogs and written numerous articles, ebooks and action guides on securing self-hosted WordPress websites.
Regina provides security services for clients with both new and existing WordPress websites. She also offers individual consultations and group training on WordPress security.