Categories: SecurityWorkspace

Skype Spam Installs Trojan Horse

Skype users have been warned about an ongoing spam campaign that attempts to install malicious code on their systems, according to computer security researchers.

The junk messages, which appear to originate from someone known to the user, read data from the affected system and may link it to a botnet, putting it under the control of the attackers, according to computer security firm Malwarebytes.

Trojan attack

The company said it hadn’t been able to contact the owners of a compromised web server used in the attack to inform them of the situation, meaning the campaign is currently continuing to affect users. The affected users are mostly in India, Japan and the Philippines, researchers said.

“As of this writing, we cannot reach the owners of the site to inform them of the compromise,” Malwarebytes said in an advisory.

The malicious message used in the campaign contains Japanese katakana characters reading “tsuyo!” or “too much!” along with a bit.ly link, Malwarebytes said.

When clicked, the link leads to a website set up by the attackers on a compromised web server, and this website tries to download what appears to be a screensaver file onto the user’s computer.

Botnet link

The file’s icon displays what appears to be a salacious image, encouraging users to click on it, but doing so in fact launches the malware, researchers said.

The Trojan horse communicates with servers located in China, Vietnam and the US, most of which have a history of harbouring malicious files, and reads data from the compromised system’s configuration files. It also links to an IRC server, possibly to join a botnet, Malwarebytes said.

“This modus operandi has been reused countless times, and it often yields successful results for the criminals,” the company said.

The company encouraged users to confirm such links are genuine before clicking on them.

In February researchers found a campaign that used ads displayed on Skype to deliver a malicious payload to users’s systems.

In the same month, researchers uncovered an unusually complex malware attack that seeks to tap Skype communications, going to great lengths to avoid detection as it does so. The malware was the latest iteration in a family of attack code that was previously linked to cyber-espionage activities possibly sponsored by the Chinese government.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

26 mins ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

2 hours ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

4 hours ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

21 hours ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

22 hours ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

23 hours ago