ACG-CYBER SECURITY BULLETIN NO 146 UNDERSTANDING THE RISK OF SKYPE VIRUS
The following information was obtained from different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).
The information provided was classified as “Restricted” pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.
Skype virus is a generic name for all Skype telecommunication software-related malware. There are a number of different malware types relating to Skype. Some infiltrate the system and some hijack the Skype account remotely, however, their purpose and behavior are virtually identical.
After successful system infiltration, Skype viruses hijack user accounts and send unwanted messages to all contacts. In some cases, cyber criminals perform these tasks remotely and cyber criminals take advantage of this by breaching users' accounts. Whether the computer is infected or not the end result is identical. Cyber criminals employ hijacked accounts to send private messages to all contacts. These messages contain links to various potentially or malicious websites.
In some cases, a friendly message is displayed together with the link. By including the text, cyber criminals attempt to make these deceptive messages look believable. However, it is a scam. If you notice that your account automatically sends messages or dubious links to your friends and they might complain about receiving them.
Aside from sending spam and phishing links, the Skype virus may give a remote malicious hacker access to your PC system, record your keystrokes, collect your Internet surfing activity by recording URLs visited, IP addresses, web browser version and type, cookie information, Internet Service Provider (ISP) and pages visited. Such kind of behavior can lead to serious security problems or confidential data theft.
Some links promoted by Skype viruses lead to malicious websites. These sites are likely to promote various Potentially Unwanted Programs (PUPs) and crypto-currency miners. Potentially unwanted programs have very similar behavior. They perform some, or all, of these actions: Display intrusive advertisements such as coupons, banners, pop-ups, etc; Gather sensitive information; and modify web browser options.
It should also be noted that attacks of this character use obfuscators so that the malware remains undetected for longer times on infected computers. Attackers are typically using reputable services to spread malicious files and using affected users to spread spam messages to people in their contact list on Skype.
In case you have clicked on such a compromised link, it is a good idea to run a scan with an advanced anti-malware tool as the malware may have sneaked into the system.
In additional, please do not forget to change your Skype password, depending on how far this infection has spread. This is a problem that should not be taken lightly. You should also consider contacting your friends and warning them not to open the malicious links.
The public are advised to follow the tips in order to avoid the risk of Skype Virus, to wit:
- Ignore all the silly messages from your friends,
- Do not click on the links that are incorporated to such messages or arrive on their own.
- Do not download funnypicture.jpg.exe, FlashPlayer.hta or other suspicious files that might be presented as Skype components or content received from your friend
- Ask you contacts for confirmation if they have actually sent link or file to you.
- Install Skype and other updates. It helps to decrease the risk that cyber criminals will use security vulnerabilities to compromise your account.
- Set strong Skype password.
For additional information, please refer to the following websites:
POINT OF CONTACT