All the latest UK technology news, reviews and analysis


Dorkbot ransomware worm targets Skype users

08 Oct 2012
malware virus security threat

A new worm targeting Skype users with spam messages designed to infect machines with the Dorkbot ransomware has been discovered.

Security firm Trend Micro discovered the new attack on Monday, after receiving reports of a number of fraudulent messages containing malicious links.

The message contains the question, "is this your new profile pic?" followed by a malicious link.

The links reportedly install a variant of the Dorkbot, also known as NRGbot, worm on the users machine. The Dorkbot variant infects the machine with ransomware that locks the user out and encrypts their files, before going on to charge them $200 to unlock the machine.

A Skype spokesperson told V3 the firm was aware of the threat and urged users to take all necessary precautions to protect against the scam.

"Skype takes the user experience very seriously, particularly when it comes to security. We are aware of this malicious activity and are working quickly to mitigate its impact," it said.

"We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer.

"Additionally, following links - even when from your contacts - that look strange or are unexpected is not advisable."

Trend Micro security director Rik Ferguson told V3 that it is currently unknown how many machines the new Skype campaign has infected.

"We're not sure how many have been affected by this particular variant, I only noted it this morning and TrendLabs analysis of all related components is still ongoing," Ferguson told V3.

"As a family though, Dorkbot has been around since 2011 and is software that can be purchased in the underground economy, so not linked to one particular group of attackers.

"This variant is noteworthy due to the use of click fraud and ransom ware modules. Traditionally Dorkbot has been all about credential theft. This usage though perhaps reflects the growing criminal interest in ransom ware and click fraud as alternative revenue generators."

Ferguson's comments follow widespread warnings within the security industry that ransomware is becoming an increasingly common tool in cyber criminals arsenal.

PandaLabs had previously listed ransomware as one of the booming areas in cyber crime in its quarterly threat report earlier in August,

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?
10%
10%
3%
63%
14%

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

EMEA Presales Solutions Consultant (Business Analysis)

EMEA Presales Solutions Consultant (Business Analysis...

App Developer (Objective C / XCode) - Northampton

App Developer (Objective C / XCode) Skills...

Digital Project Managment (Development)

Digital Project Manager (Development) Skills...

Snr PHP / Zend Developer - (Leading Digital Agency) - Northampton

PHP / Zend - Web Developer (Superb digital Agency...
To send to more than one email address, simply separate each address with a comma.