If you use Skype to stay connected to family and friends, be careful that you do don’t fall for an ongoing malware attack that starts off with an instant message like the one below:lol is this your new profile pic? http://goo.gl[REMOVED]?img=[USERNAME]
Upon clicking the link, users eventually land on a download page for a file named SKYPE_[TODAY’S DATE].zip, which contains a malicious executable (.exe) file that will install a variant of the Dorkbot worm on the victim’s computer.
Once Dorkbot has been successfully installed on a user’s PC, it will open a backdoor to grant an attacker remote control of the machine. The Dorkbot worm gives attackers the ability to recruit the computer into a botnet & part-take in DDoS attacks, steal login credentials for a variety of websites (Facebook, Twitter, Google, PayPal, Netflix, etc.), inject iFrames into webpages, or download additional malware.
There have been reports that Dorkbot infections may result in the user being locked out of their machine thanks to the worm’s tendency to select ransomware as its choice of additional malware to download. Upon installation, the ransomware will hold the computer hostage until the user forks over a $200 fee.
Given that messages spreading the Dorkbot worm can come from friends on your Skype contact list and not necessarily random strangers, users are urged to remain vigilant when following any links that have been shared with them.
Tips to Keep Your PC Dorkbot-Free
- Exercise caution when following shortened links shared via Skype or social network websites. Here are some tips on how you can investigate urls before clicking on them.
- Do not download files from unknown or untrusted sources, and don’t forget to scan files before opening them.
- If you plug a removable storage device into your PC, be sure to scan it with your antivirus software. Dorkbot – among other pieces of malware – are known to spread via USB thumb drives.
- Always run antivirus software & keep the virus definitions up-to-date.
[via TrendMicro]
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
No comments:
Post a Comment