
Warning: 'Hey, is this your Skype profile pic?' Skype Virus Spreading through 'goo.gl' Links

Posted: October 4, 2012

Internet hackers and cybercrooks are always scheming up the latest attack and are willing to use any means to spread new infections. In their latest attempt, they have used the Skype messaging and communication application to spread a vicious virus through a harmless-looking message: "Hey, is this your Skype profile pic?" The message includes a 'goo.gl' link that redirects to a download of a zip file containing the virus.

Probably the most disconcerting aspect of this newly discovered Skype Virus is that the initial message spreading the infection comes from a person listed in the PC user's Skype contact list. In other words, the Skype message that reads "Hey, is this your Skype profile pic?" appears to be legitimate because it purportedly comes from a contact the user may be familiar with.

The new Skype Virus spreads by posing as a trusted message delivered to a Skype user. The user, unaware of the danger presented by the link in the "Hey, is this your Skype profile pic?" message, usually lets curiosity get the best of them and eventually clicks on the 'goo.gl' link. Doing so downloads a zip file containing a file that loads the virus onto the system. This particular Skype Virus can be compared to previous incidents we reported on, in which Skype users received malicious links from users not found on their contacts list.

The goo.gl site (shown in figure 1 below) is simply a URL shortener provided by Google. Any Internet user can create a shortened URL, malicious or not, and so initially mask a potentially malicious link. In the case of the Skype Virus "Hey, is this your Skype profile pic?" message, the link redirects users to a download of a zip file containing a rapidly spreading virus.

Figure 1: goo.gl URL shortener links

We have identified, along with multiple security research outlets, that the zip file has a random name of the form "skypexxxx", where the "x" could vary. We have also discovered that simply reinstalling Skype will not eliminate the Skype Virus. It will continue to spread to other Skype users listed on the contact list of an infected computer. Moreover, the Skype Virus may copy the Skype contact list, possibly to populate a spam database belonging to the virus' creators.

Currently, the Skype Virus is detected by some antivirus applications but cannot be removed. A proactive security measure is presently the best defense against this new Skype Virus. Skype users should avoid clicking on links in questionable messages, even if they come from someone on their contacts list. It is also wise to avoid downloading files if there is any doubt about their legitimacy.
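The two checks this advice implies, flagging shortened links in a chat message and listing what a downloaded zip contains without extracting it, can be scripted. The following Python is an added example, not part of the original article; the shortener and extension lists, the `EXAMPLE` link path and the sample archive are assumptions constructed for illustration, including the assumption that the file inside the zip is an executable.

```python
import io
import re
import zipfile
from urllib.parse import urlparse

# Assumed lists for illustration; extend them for your environment.
SHORTENER_HOSTS = {"goo.gl", "bit.ly", "tinyurl.com", "t.co"}
EXECUTABLE_EXTS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")

# Matches links with or without a scheme, e.g. "goo.gl/abc" or "http://goo.gl/abc".
URL_RE = re.compile(r"(?:https?://)?(?:[\w-]+\.)+[a-z]{2,}/\S+", re.IGNORECASE)


def shortener_links(message):
    """Return links in a chat message whose host is a known URL shortener."""
    hits = []
    for match in URL_RE.findall(message):
        url = match.rstrip(".,!?)\"'")  # drop trailing sentence punctuation
        host = urlparse(url if "://" in url else "http://" + url).hostname or ""
        host = host.lower()
        if host.startswith("www."):
            host = host[4:]
        if host in SHORTENER_HOSTS:
            hits.append(url)
    return hits


def executable_members(zip_bytes):
    """List archive members with executable extensions, without extracting them."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        return [n for n in archive.namelist() if n.lower().endswith(EXECUTABLE_EXTS)]


def build_sample_zip():
    """Constructed sample: a harmless archive shaped like the lure download."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("skype_profile_pic.exe", b"not a real program")
        archive.writestr("readme.txt", b"constructed test data")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed message; "EXAMPLE" is a placeholder, not a real short link.
    msg = "Hey, is this your Skype profile pic? http://goo.gl/EXAMPLE?img=contact"
    print(shortener_links(msg))
    print(executable_members(build_sample_zip()))
```

A shortener hit is not proof of malice, only a reason to confirm with the contact through another channel before clicking.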
