A new worm called “Dorkbot” is making rounds, targeting unsuspecting Skype users. The worm had previously affected both Twitter and Facebook, using social engineering tactics to trick users into clicking untrustworthy links that put their systems at risk.
Many security firms, as well as users have reported receiving messages from friends in their contact lists with the message asking “lol is this your new profile pic?” with a shortened link redirecting users to a download on Hotfile.com. As reported by Trend Micro’s blog, Rik Ferguson says that the Skype worm is spreading fast, with messages being sent in English and German.
The worm is hidden inside a file labled as “Skype_todaysupdate.zip”. An executable file of the same name, detected as TROJ_DLOADER.IF, installs the Dorkbot worm. The severity of the problem escalates as the worm compromises the machine, it locks the user out and joins a botnet. The worm uses what’s known as “ransomware” to extort funds from a user. It informs users that their files have become encrypted and will be deleted unless they pay a $200 fine within 48 hours.
Skype suggests users update to the latest Skype version and updating any security features you may have on your computer. The best way to keep your system safe is to avoid clicking on suspicious links, even if they come from your contacts.
Remember – an ounce of prevention is worth a pound of cure.