Skype worm spreading via 'lol profile pic' messages

Skype users were warned Tuesday (Manila time) against responding to malicious unsolicited instant messages that seek to infect computers running Microsoft's Windows operating system.

 

In a blog post, security vendor Sophos said the worm exploits Skype's API to spam messages that claim, "lol is this your new profile pic?," along with a link.

 

"Clicking on the suspicious links leads to the download of a ZIP file (variously called skype_06102012_image.zip or skype_08102012_image.zip) that contains executable files detected by Sophos anti-virus products as Troj/Agent-YCW or Troj/Agent-YDC," it said.

 

"The danger is, of course, that Skype users may be less in the habit of being suspicious about links sent to them than, say, Facebook users," it added.

 

Once installed, the Trojan horse opens a backdoor to let a remote hacker take control of the infected PC, and communicates with a remote server via HTTP.

 

Sophos said there had been many variants of the Dorkbot attack in the last year, spreading via Facebook and Twitter, as well as USB drives and instant messaging.

 

"Always remember to be suspicious of unsolicited out-of-character messages sent to you by your online friends," it advised. — TJD, GMA News