Wisdom of Life

Skype Users Targeted with Ransomware and Click Fraud

skype_logo_screen7

The infection that’s still spreading across users of Skype has taken an interesting twist: ransomware and click fraud.

Skype users tempted to follow the latest set of infection links will end up with a zipfile on their PC. Here’s an example of the rogue links still being pinged around:

 

Clicking the link will download a zipfile, and running the executable inside will see the infected PC making waves with network traffic that wasn’t present when we tested the last executable.

 

After a while, a Java exploit will call down some fire from the sky and the end-user will be horrified to see this:

 

The above is a typical Ransomware scare message that locks the user out of their data, encrypts the files and demands payment (via Moneypak) to the tune of $200. The IP address and geographical location is displayed in the bottom right hand corner, along with various threats related to the downloading of MP3s, illegal pornography, gambling and more besides. Ransomware is currently a big deal and not something an end-user really wants to have on their computer.

Meanwhile, behind the scenes we have attempts at click fraud taking place behind the locked computer screen. And what an attempt it is: in the space of 10 minutes, we recorded 2,259 transmissions(!):

 

Don’t be like this unfortunate individual and get yourself locked out of your machine – to infect the computer, you’ll need to manually click the download link, open the zip and run the executable. On top of that, anybody trying to open the file who hasn’t switched off file security warnings will be told that “The publisher could not be verified, are you sure you want to run this software” so there’s plenty of chances to dodge this bullet.

Ransomware is becoming an increasingly common tool in cyber criminals arsenal.