SKYPE is being used by hackers to spread a “malicious worm” that infects Windows PCs and could result in computers being held to ransom.
The video chat service, owned by Microsoft, said yesterday it was “aware of this malicious activity” and warned users not to click on any “strange” or “unexpected” links.
A number of users received instant messages saying “lol is this your new profile pic?” By clicking on the link, they unwittingly downloaded a file containing Trojan horse malware.
The malware allows hackers to hijack infected PCs and recruit them into a “botnet army”, reports the BBC.
Once a PC is part of a botnet, hackers can steal the user’s log-in and password information used for accessing various websites and send out more viruses or worms from the victim’s computer. In this case, if a computer is infected it sends out the “lol” message to the user’s contact list on Skype.
Hackers in charge of a botnet can try to jam websites by making all the PCs visit a targeted web page at the same time, reports the Los Angeles Times. Such attacks are called DDOS – or distributed denial of service – attacks.
Users can also be locked out of their machines and held to ransom. A message will threaten to delete all the user’s files unless they pay $200 within 48 hours.
Internet security specialist Sophos says a similar worm had been spread in the past by social media platforms such as Facebook and Twitter.
“The danger is, of course, that Skype users may be less in the habit of being suspicious about links sent to them than, say, Facebook users,” said Sophos’s senior technology consultant Graham Cluley.
Skype yesterday urged users to upgrade their accounts, keep their anti-virus software updated and avoid clicking suspicious files and links.
“Skype takes the user experience very seriously, particularly when it comes to security,” it said in a statement. “We are aware of this malicious activity and are working quickly to mitigate its impact.” ·