Malvertising Campaign Targets Skype

Security specialists F-Secure have found a new malvertising campaign that is not only targeting web browsers, but also the popular Skype application.

Malvertising campaigns traditionally inject malicious or malware-laden advertisements into seemingly legitimate online adverts.

Skype Target

But now researchers at F-Secure warned in a blog posting that a new campaign has targeted Skype.

“A malvertising campaign shows that platforms that display ads, even when they are not necessarily the browser, are not immune to the attack,” wrote F-Secure. “An example of a popular non-browser application that shows ads is Skype.”

The researchers said that the malicious online ads were distributed by the AppNexus ad platform (adnxs.com).

When a user clicks on the phony advert, they are redirected to the Angler exploit kit, which installs installs ransomware called TeslaCrypt, which typically demands $500 bitcoins in order to unlock encrypted files.

F-Secure said that the campaign seemed to have ended quite fast and is already over. It also said that this is not the first time infections were launched via Skype.

Earlier this week Palo Alto Networks discovered an unusually complex malware attack that seeks to tap into Skype communications. That malware was the latest iteration in a family of attack code that has previously been linked to cyber-espionage activities possibly sponsored by the Chinese government.

Other Malvertising

Earlier this year Malwarebytes warned that of a malvertising attack that affected mainly adult and video streaming sites, which infects users with ransomware via a dodgy pop-under window.

And in December Proofpoint discovered a malicious Twitter advert that could steal users Facebook credentials. It came in a promoted Twittercard with a fake video is posted on user’s Twitter feed.

Other malvertising attacks have previously affected users of dating websites, social networks and even Forbes.com, leading many to question the safety of online advertising – especially those running Flash.

Are you a security pro? Try our quiz!