Hackers use different methods to spread their malicious scripts
Security researchers have detected a new malware – a Trojan Horse virus that is infecting Skype users through a spam. The most recent victims hit by the Trojan are registered to be residing in India, Japan, and the Philippines. The malicious script spreads through a spam message that contains a link and content written in Japanese. Most probably, the message appears to be sent from a friend or someone from your skype contact list. This is a common deception technique, used by the hackers.
The moment users click on the Skype message link, they get redirected to a compromised website. There, they are prompted to download the Trojan file, masked as an image. According to security researchers, the compromised website appears to be without a firewall. This makes it an easy target for hackers to infiltrate and use it for their criminal deeds. Some anti-malware software may detect it as a potential threat, but some are not able to single out the malicious script.
When the malicious script starts to operate, it connects back to servers located in the United States, China, and Vietnam. Most of these servers are already related to other malicious actions. What this malicious file also does is, it starts to read data from several configuration files and collects information about the computer it got installed in. This information contains the computer’s name and unique identification GUID. Not only that, but this file connects to an IRC server in its attempts to join a botnet.
The content and the links are changing over time with every new malware attack. However, this spamming scheme is not something surprisingly new and has been used with success by the hackers countless times. They keep taking advantage of people’s curiosity and trust that has been established among individuals in a network. Our “How to remove” team would advise users who doubt such spam messages and links to be cautious. If they happen to come across anything resembling the above-described messages, it is a good idea to avoid clicking any links that might be provided as a result of the malware influence. Instead, contact the person who came with that message and ask them if they really wanted to send you something. It is always better to act safely than be sorry.