Worm spreading on Skype IM installs ransomware
by Steven Musil
October 8, 2012
A malicious worm spreading through Skype instant messages threatens to take control of a victim’s machine and hold its contents for ransom.
The issue, which was first brought to light Friday by GFI, tricks users into downloading a ZIP file by displaying the socially-engineered message, “lol is this your new profile pic?” along with a link that also spreads the message to other Skype users. The ZIP filed contains an executable file that installs a variant of the Dorkbot worm and creating a backdoor via “Blackhole,” an exploit kit used by criminals to infect computers through security holes.
The backdoor allows a remote attacker to take control of the machine and install the ransomware, a malicious application that locks the user out of the computer via password or encryption and demands a payment, or ransom, in exchange for its contents. This particular strain demands a payment of $200 within 48 hours or risk having their files deleted.
[hat tip: Mile High Liberty Radio]