Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Skype Malware Campaign Grows – Businesses and Consumers Targeted

Microsoft has suggested that users and businesses switch to Skype following the scheduled shutdown of the MSN Messenger service in March. The problem, however, is that criminals are starting to migrate to that platform if recent discoveries from Trend Micro are any indication.

Microsoft has suggested that users and businesses switch to Skype following the scheduled shutdown of the MSN Messenger service in March. The problem, however, is that criminals are starting to migrate to that platform if recent discoveries from Trend Micro are any indication.

Recently, the Shylock family of malware made headlines for its ability to spread via Skype. Shylock is a banking Trojan, targeting financial data and accounts. While Shylock has been mostly targeting users in the UK and EU, additional malware variants have been observed in the United States.

On Monday, researchers at Trend Micro discovered two additional types of malware targeting Skype users. The first, a worm that has the ability to clear message history is being given the name Bublik. However, code examinations show that the worm downloads additional modules, which have rootkit abilities allowing remote command and control of the infected host.

The second type of malware discovered is being called Phorpiex, which will clone itself to all removable drives once a victim accesses a link to it via Skype. Normally Phorpiex is spread via email, so Skype represents a new attack channel.

“These strings of threats aimed at Skype pose serious risks, not just for ordinary users, but also for small businesses benefiting from the platform,” a blog post from Trend explains. 

“Microsoft is reportedly closing down Windows Messenger on March 15, 2013 and recommends switching to Skype. As such, this poses risks especially to first-time Skype users and with DORKBOT and now, Shylock variants spreading via Skype, users and businesses alike should have a more security-conscious mindset when it comes to using Skype.”

Written By

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.