Malware News Skype Spam Delivers Trojan Disguised as Image

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
Affecting users in Japan, India, and the Philippines

This is just a quick reminder on why it's not a good idea to follow strange links you receive on social media or IM clients such as Skype.

According to US security firm Malwarebytes, users in countries like Japan, India, and the Philippines are currently seeing a spam campaign that's trying to lure them to malicious websites.

The campaign is carried out via Skype and using Bit.ly links to hide the infected website's URL. The format of the message is mostly the same, and crooks are trying to entice users on clicking the URL by promising a funny photo.

In one example, Japanese users are seeing messages in the form of [Translated] "too much bit.ly/7_random_characters?profile_image=Skype_contact_name"

Spam campaign delivers Trojan.Injector disguised as a screensaver file
When users click the link, they'll be redirected to a site that pushes a file download. The file has been cleverly renamed to show two file extensions in the form of filename.JPEG.SCR.

Users may think the file is a photo, but it's actually a screensaver. Malwarebytes says that users that agree to the download and then open the file will be infected with a trojan.

Once the infection occurs, the trojan will contact its master servers, located in locations such as the US, China, and Vietnam.

Malwarebytes claims that crooks use legitimate websites to distribute these malicious downloads. The company says that crooks hack into these websites, and create malicious pages that serve the malware-laced file.

"For those who are new to Skype spam, note that this modus operandi has been reused countless times, and it often yields successful results for the criminals," Jovi Umawing explains for Malwarebytes. "When in doubt, never click links and confirm with the person who pinged you first if they have indeed sent you such a message. As we always say, it’s better safe than sorry."

We know human curiosity plays a huge factor in the efficiency of such campaigns, so, courtesy of Malwarebytes, below is an image that shows what you'll see if clicking on such links.

spam-alert-skype-spam-delivers-trojan-disguised-as-image-503806-3.jpg
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
In Philippines, my view where infections like these are no longer a trap for ordinary users. Why? Because I can see that a basic understanding to steer away on those threats already part of common sense.

However sometimes little percentage where still fall on those clever tricks.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top