Skype is the new target of getting malware and spam. According to multiple reports from security firms, as well as from a community forum thread on Skype.com, the popular communications service is the latest target of a malicious online worm identified as “Dorkbot.” The worm has previously infected both Twitter and Facebook, and is known to send out messages to trick users into clicking on links.
For example, if you’ve ever received a tweet or message with some variation on “lol is this your new profile pic?” followed by a link, that could have been the Dorkbot worm in action. Trend Micro, the security firm refers to the Skype worm as “spreading fast.” The Company’s blog says that the users have seen messages in both English and German, and links point to a download on Hotfile.com labeled as “Skype_todaysupdate.zip,” containing the payload.Te
In the past, there have been many variants of the Dorkbot attack on other social networks, and it can also spread on USB sticks and via IM.
The worm’s payload is rather vicious - after compromising the affected machine, it joins the machine to a botnet and locks users out of their computer. While in the past, Dorkbot went after user credentials, this new attack uses what’s known as “ransomware.” Users are warned that their files will be deleted if they don’t pay $200 within 24 hours. Sophos’ (another Security company) Graham Cluley describes this as being like “kidnappers shooting hostages one by one, if their demands aren’t met…it’s really creepy, unpleasant behavior – and sadly becoming more common,” he says.
Users are asked as always not to click on unexpected links.
Update: Skype responds with the following statement:
Skype takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact. We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer. Additionally, following links – even when from your contacts – that look strange or are unexpected is not advisable.