Skype Scare: Urgent. Please Read

This is an important update provide to me by Regina Smola, my dear friend who is a Computer Security Expert. (Update has been tweaked by me to clarify a few things for you.)

The News: If you get a link in Skype from a FRIEND that you KNOW or FAMILY member that looks like the screenshot below – DO NOT CLICK IT. Please read to protect yourself.

Skype Virus Alert- Spread through Links from Family & Friends

I use Skype on a daily basis to communicate not only with friends, but also clients and important business connections.

But unfortunately, there are reports that a virus is spreading through Skype.

Your business associates, or even a family member can accidentally (and unknowingly) send you a link that infects your computer. That’s exactly what is happening. On October 8, 2012 a new virus affecting Skype users was discovered and it’s being reported all over the Web, including CNET, and Mashable.

Your legitimate contacts are not sending those links to you on purpose. It is very likely they they have been infected, and that they have no control whatsoever over their system. In fact, it’s possible that their computer is even being held under virtual lock-and-key for monetary ransom.

How Do you Get The Virus?

SkypeAs of October 8th 2012, people have been allegedly receiving automated messages from what appear to be automated bots (Dorkbot Worm) with the socially-engineered message: ” Lol is this your new profile pic?” with a link to what might appear to be a legitimate zipped image. (see image)

This bot is very clever and spreads through a few computers to begin with, and then automatically targeted contacts in the infected user’s Skype contact list. As these contacts receive the automated messages, many of them wouldn’t think twice about opening the link because they are receiving the message and link from an established (possible credible) contact on their “friend” list.

If you click the provided link, you would download a .zip file. Upon opening the zip file, an executable file could infect your computer.

To many people, this would be a sign that something is wrong; however if you have extracted the file and your Anti-Virus system hasn’t kicked in and blocked the file, or it is a zero-day attack (no cure has been discovered yet), it is likely too late.

The link being circulated is also socially-engineered to fool users into thinking that it is legitimate. The structure is as follows:


(link not clickable for your protection.)

Looking at the structure of the link, we first see that the URL appears to be a Google shortlink. Then we see some random numbers and letters in an alphanumeric format, which is characteristic of any typical link. The most socially-engineered part of the link is that the final portion appears to be an image (img), and also implies that the image (img) has something to do with the user in question (in this case, John Smith). This can easily fool even the most seasoned user into thinking that the link is legitimate.

What does the Virus Do?

This virus is commonly known as “ransomware.” It essentially holds the victim’s computer hostage until the victim agrees to pay a fee of $200 to access his/her (now locked) filesystem within 48 hours.

Obviously this means that the perpetrator has full access to not only the victim’s personal files, but also any saved passwords the victim may have stored in their system. The malware (Worm Virus) has a multi-tasking feature designed to specifically steal usernames and passwords to social networking sites and PayPal accounts.

And to take it even further, this multi-tasking virus turns infected servers into “botnet” servers to perform DOS (denial of service) attacks on targeted websites, and continues to downloading further viruses on the (already infected) computer.

Once a user is infected, the virus will not only hijack the user’s system and hold the files for ransom while stealing the user’s passwords but will also begin to send similar messages over Skype to all people on the user’s contact list in order to keep the virus circulating. Yes, you then spread the virus to your loved ones, as well.

How Can You Protect Yourself?

All Skype has said about this infection so far is that users need to -

  1. keep Skype updated,
  2. keep computer system updates that you should be regularly maintaining.
  3. They also said not to click on any links that may look suspicious, even coming from your established contacts. (EVEN FROM YOUR OWN MOTHER!) :)

Skype Security and Computer Rescue Kit

Regina put together a Skype Security and Computer Rescue Kit. She and her staff spent a lot of time on it, but they are selling it at a very low price to get it into as many hands as possible. I’m including a bonus to make sure you grab it so you’re safe.

Here’s what’s included:

  • Computer Security Essentials: 7 Steps You Must Take to Protect Your Computer from Malicious Attacks
  • Printable Emergency Virus Recover Plan for Windows Computers (Hang this by your computer in case of emergency.)
  • Skype™ Safety Plan – Keeping your Skype Installation Secure

BONUS! If you buy the course, I will also give you my Protect Your Online Business Course that is currently being sold for $15 here.

  1. Just order through the big button below.
  2. Then send us your receipt and we’ll get you hooked up.

Here’s more about Regina just so you know why she is the one I turn to when I have a security question.

Regina Smola is a sought-after WordPress Security Expert, Speaker, Author and owner of WPSecurityLock.com.

She has helped thousands of WordPress users tighten security on their WordPress blogs and written numerous articles, ebooks and action guides on securing self-hosted WordPress websites.

Regina provides security services for clients with both new and existing WordPress websites. She also offers individual consultations and group training on WordPress security.

Warmly,
Nicole Dean

Love this post? Send it to your Kindle to read again later!

Send to Kindle

Comments

  1. That’s very worrying but that’s not the only thing that’s going on with Skype. Somehow someone made some fraudulent transactions on my Skype account recently to the tune of £115. Initially they refused to refund me saying they did not refund fraudulent transactions but after I contacted Paypal they had a change of heart. I have since changed all my passwords.
    Sandy Halliday recently posted..Installing A New WordPress Share Plugin Blew Up My Blog!My Profile

    • Definitely always be careful. The scariest part about this malware to me is that it can access your Paypal account. That is NOT good. (Obviously.)

      Thanks for commenting, Sandy!

  2. Thanks for bringing this to my attention Nicki. Happily, my apple computers do not seem to be targeted by this attack.

    M
    Mark Mason recently posted..MW038 – Google’s Exact Match Domain UpdateMy Profile

  3. Thanks for sharing this!
    Kim Phoenix recently posted..Want to Learn From My Outsourcing Mistake?My Profile

  4. Alice Coaxum says:

    Thanks for sharing this. I will be passing this info along to my daughters who use Skype to talk to their friends.

  5. Diane Merriam
    Twitter:
    says:

    I’ve received a couple of these and got the zip downloaded. When I saw the exe file in it I just had to stop. Sounds like it’s a very good thing I listened to my radar and didn’t take that last step. Thanks for letting up all know.

    Diane

    • Diane, I am so glad you saw that it was an .exe file and stopped.

      I don’t know if you saw, but I installed a virus a few weeks ago on my computer – a much tamer one, thank God, and it was awful. I just cant imagine this new one. UG.

      Thanks for sharing.
      N

  6. Nicole.. I really appreciate your emails. They are always welcome and valuable. I am glad I saw this one before I got one of those messages. I may have thought better of opening it… but you never know right?

    Thanks for the heads up.
    Sandi
    Sandi Foster recently posted..CARBURETOR Repair on Older BRIGGS & STRATTON 3.5HP Engine Part 2 of 2My Profile

  7. Christine Brady
    Twitter:
    says:

    Hi Nicole and Regina,

    I read your post on my phone a couple days ago (while waiting in school car line no doubt), but anyway, I had to come back to it to share it with others –

    I can only imagine what a horrible thing this must be to happen to people, but particularly to those of us working online all-the-time. I for one need to keep this info top of mind, as sometimes I get so busy multitasking that I have one thing downloading, while waiting for something else – lesson learned on staying aware of what I have going on and of course, watching out for the virus.

    Thanks for sharing Nicole!

    ~Christine

  8. Hi Nicole,
    Thanks for bringing up this fact to my notice. I use Skype a lot to connect with my family. I will even forward the link of this blog to my friends and family. Thanks again for this valuable information.

  9. Oh, I didn’t know Skype can be penetrated by malwares. I always feel that it is a secured application. Might have to go check mines, now.

  10. I received several notifications just like this and for many people, this is obviously a malicious file and it shouldn’t be clicked! I’m quite amazed that a lot of people fell for this virus though. Always keep your Skype updated and be careful what you click on.

  11. Jim Zboran
    Twitter:
    says:

    Glad I came across your warning here, Nicole. I’m very careful about attached files but, as you pointed out, this one is more clever than most. I’ll have be sure to pay close attention to the contents of zipped files before unzipping… Thanks for the heads-up!

  12. I feel that Skype is still reliable. It was reliable enough to bump Yahoo! Messenger out of its throne. Gotta love this video chat software.
    Stacey recently posted..New Years Eve Cruise in Sydney 2012 Harbour Fireworks Cruise!My Profile