Skype users, beware. There are nefarious links being spread around through Skype, and if you click them you will be presented with a lot of adware. However, there are good news, and bad news here.
The threat was first discovered when one PhishMe user received a message over Skype, where the other party tried several times to contact him.
The attacker was trying to call with a username that also contains a link to a domain, www.viewror[d]com. Once clicked, a voice directs the user to click the download link and install a “proprietary” video player in order to play the video.
„This download is part of an affiliate program where the attacker is probably getting money on a per-install or per-download basis,“ it says on the PhishMe website.
Once the executable is opened, it asks to run as administrator. The user is presented with a screen to install different aspects of the program, all of which are pieces of adware, PhishMe says.
Those were the bad news, and now for the good ones:
The researchers contacted Microsoft as well as Amazon, which was hosting some of the domains where the attacks and spam were coming from.
Together, the two companies are disrupting this scheme by nuking the Skype accounts involved and going after the IP addresses used.
As usual, most security breaches start with a phishing attempt, where an unsuspecting victim clicks and instals malicious software. Be careful and double-check anything you receive in mail, over skype or any messenger service, before installing.