Feeds

back to article Skype worm chats up victims - then holds PCs to ransom

A worm that locks Windows PC users out of their computers unless they pay a $200 ransom is rapidly spreading via Skype. Once it has secreted itself into a machine, the malware tricks further victims into installing it by using the Microsoft-owned VoIP software to send messages that read "lol is this your new profile pic?" The …

COMMENTS

This topic is closed for new posts.
Holmes

How devious

So you see an obfuscated URL which is supposedly a picture of you and when you follow it, it leads to an archive, which you have to download... Still your picture might be in the archive so you open it and it contains an executable... so you run the executable and... sorry WHO is falling for this?

20
0
Silver badge

Re: How devious

There's something to be said for letting natural selection take its course and get these people forcibly off the net when these viruses delete their files and/or their ISP's kick them off.

Just how many warning signs do you need? Of course, to them, their antivirus "didn't do it's job", like saying the burglar alarm didn't do its job when you left the doors open, only alarmed the shed, invited the burglar in then went upstairs to sleep, and would have ignored the bell going off anyway.

13
3
Facepalm

Re: How devious

Sounds like another tax on the stupid to me.

It's tempting to write something like this that takes over their PC and tells them to take it back to the shop because they're obviously too fucking stupid to own a computer.

16
4
Anonymous Coward

Re: How devious

I guess you smug self-conceited little pricks have never done anything stupid then?

Just because your mum didn't spend here entire childhood locked up in her bedroom on the internet learning about this stuff rather than washing and going outside, doesn't make her stupid, only uneducated.

If she had stayed indoors on the internet then she probably wouldn't have had you, now that would be a good form of natural selection to avoid little dicks like you.

23
12
Bronze badge
Unhappy

Re: How devious

Trouble with these people is that they rarely get kicked off by the ISP, especially if it's a large one.

Thus the zombie army is allowed to grow, resulting in an increase of spam volume in my mailbox :(

2
0
Silver badge

Re: How devious

Hi, Trolly-Anon,

You've made the mistake of thinking that this has anything to do with computing at all. Consider:

Guy rings you up. You don't know who he is, never heard his voice before.

He says he has some photos of you.

He'll send them to you if you want.

Just open your front door and he'll leave them on the mantelpiece.

Then you can open them in your own time.

If you haven't smelled a rat by line #2, you're an idiot.

My mum and dad are actually completely computer-illiterate. They are pensioners and they *can* play games like the Wii with some prompting (mum's actually a Mario-addict from the Gameboy days), but in terms of doing things if it doesn't start as soon as they press a button / put a disk in, they are absolutely baffled. They share a Facebook account that was their first ever online presence, made two years ago - up until then, they had no PC experience whatsoever (mum can type because she used a typewriter in a hospital job 40+ years ago but she still stabs the keyboard too hard), never owned a PC, never been on the net, never had an email account, never even done it through the TV or Wii or anything along those lines. Hell, it took years for them to learn to send a text.

When they get something dodgy (online, offline, on the phone, by text message, by Facebook, by email, by something popping up, or some dodgy bloke knocking at the door), if Dad isn't already shutting the door on their face, they are on the phone to me or my brother. They don't click on emails from strangers (in fact, they get rather annoyed that people they don't know CAN send them email or even Facebook messages), they don't download things, if the window today doesn't look like it did yesterday or something pops up asking permission they phone up or they just switch the computer off.

This isn't the result of intensive training - this is simply experience of what they've heard from others getting scammed, and application of their off-line principles to on-line actions (Who the hell are you and why are you talking to me on Skype / phoning me in the middle of the night?).

It's not an IT skill. It's a life skill. It doesn't matter WHO'S on the other end. If you don't know them, and don't think they have genuine business with you, hang up. Even if they do have genuine business with you, they will contact you another way that you *can* verify them.

But strangers popping up on Skype and asking you to do things for them (like click links etc.)? Come on. This is nothing to do with IT at all. It's common sense, even in pensioners with no IT skills above clicking on Facebook and replying to messages on there by text (not to Facebook, direct to the people in question!) after DECADES of bringing up two IT-literate sons.

Hell, Dad even sent me a message once asking if an email was genuine and actually included in the question he asked were the words "I don't even have an account with that bank!". Guess what, Dad? It's probably a fraud, then. Although not the best in deduction, he checked before he did ANYTHING.

17
4
Silver badge

Re: How devious

Nothing to do with being self-conceited. More on the lines of being able to realise that computing is not easy no matter how much you pay MS to tell you it is. Security is easy - it just stops you being stupid at the drop of a hat which is what you want to do cos somebody lied to you. Get wise then you can be conceited too.

0
1

Re: How devious

I'm sort of with Anon here; while I'm impressed with Lee's parents' common sense there is something seductive about online connections and the ease of communication which these new technologies bring that seems to enhance trust in many naive users, often to their detriment. Taking the piss out of them isn't necessarily the most helpful approach.

On a side note, is it actually possible to be conceited about anyone other than yourself?

3
0
Joke

Re: How devious

>On a side note, is it actually possible to be conceited about anyone other than yourself?

Oh, yes - as a proud parent I'm unendingly conceited about my children's achievements ;-)

Most of my despair with this sort of liveware virus is how depressingly easy it is to write compared to the old days - they depend on psychology rather than technical nous to propagate, and every time I get to thinking "surely nobody could be so stupid as to believe xxxx?", there's a huge bunch of people who prove me wrong.

Happens every election time, too.

5
0
Facepalm

Re: How devious

I was once told to imagine how intelligent the average person is; then to realise that half the population are even more imbecilic than that.

4
0
FAIL

Re: How devious

This isn't about technology, it's about the number of break points at which someone might stop to consider "hey, would my ex-gf from 6 years ago who I forgot to delete off this, and my boss who I thought was on vacation this week anyway and who has the computer literacy of a potato, actually both be sending me an archived executable that was a picture of me along with "Lolz is this ur profile" out of the blue.

Yes people do make mistakes. And Yes any of us who work in IT should be trying harder to make those mistakes less of a problem. But people have to start thinking a bit more about their actions too.

4
0
Facepalm

Re: How devious

"ease of communication which these new technologies bring that seems to enhance trust in many naive users"

When in fact they should be doing the extact opposite. Anyone I know with more than a passing exposure to the internet before Facebook treats almost all communication on the internet with an inherant distrust.

Also, could you put those users in touch with me? I have a great investment opportunity for them ;)

0
0
Happy

Re: How devious

I never open the obfuscated URL.Most of the time ,the URL is a virus.Just back up your pictures well,let antivirus work all the time,update it at regular intervals.eh...

0
0
Anonymous Coward

Re: How devious

Internet when our mothers were children? Our mothers didn't have us at 12.

0
0
FAIL

Not surprsing

M$ buys Skype and all of a sudden it becomes a slow, cumbersome bug filled product that constantly requires updates and gets riddled with trojans.

9
9
Anonymous Coward

Re: Not surprsing

there's a solution, in the form of archival versions of skype. Until they follow Adobe in forcing users to update to their latest, ad-spammed version, by making the old versions "incompatible". But, for now, version 4.2 rulez! ;)

1
1
Anonymous Coward

Re: Not surprsing

Nope, not surprising.. They only recently managed to unbreak the headset support for iOS too (which they broke after buying it). Hell, they broke it for Android for a bit, too. It's markedly more spammy and dysfunctional these days.

0
0
JDX
Gold badge

Re: Not surprsing

So you think the old version magically stops you clicking on links? That this is a new feature?

Idiots.

4
0
Silver badge

Re: Not surprsing

4.0.0.7 here mate, works fine

0
0

Re: Not surprsing

No, that was in progress long before Microsoft bought Skype. The last Mac client to be released by them before the MS takeover was an abomination.

0
0

Re: Not surprsing

Nope. Not to excuse Microsoft's responsibility now that they've been stupid enough to buy it, but Skype has always been a buggy bag of shite.

0
0
Anonymous Coward

I just KNEW there had to be an upside somewhere to the Linux version of Skype being at least one whole version number behind the Windows one...

3
3
Silver badge

Because that version number would have stopped you accepting a download from a stranger and executing it?

7
0
Anonymous Coward

no, not having root would have stopped that

1
2
Silver badge

Not having root?

Anyone falling for this Social Engineering (not a flaw) has already done three stupid actions before typing the password into any "Password to install" prompt.

Clicking on link

Downloading

Unpacking

5
0
Anonymous Coward

Where's the JOKE ALERT icon for ACs? ;-)

I really don't think some people "got it" when I posted the original comment... it was more an oblique joke and criticism of the Linux Skype still being on v4.x, when other platforms are onto 5.x. And no, I've never opened a malicious payload on any OS, Win, Lin or otherwise.

Phew, some folk are a bit precious around here...

0
0
Silver badge

Not new

This scam(*) has been running for YEARS on ICQ, AOL, MSN and Yahoo chat (I have archived instances going back nearly a decade and on IRC going back further than that). I'm surprised it's taken this long to show up on Skype.

"Lol is this your pic" - linking to malware.

5
0
WTF?

correction

some 400 *stupid people's PCs* were infected in the first 24 hours

5
1
Rob
Bronze badge
Go

Re: correction - another one

"some 400 *self obsessed* stupid people's PCs were infected in the first 24 hours"

Let's face it they fell for it because they thought it contained a picture of themselves.

5
1

Skype takes the user experience very seriously

They didn't take my experience seriously when somebody managed to empty my account.

I've only every used the official Skype clients, I had a strong password and I don't follow stupid links in emails yet somehow it had to be my fault.

I lost all my credit - I closed my account.

I use another service now for making international calls...

3
1
JDX
Gold badge

Re: Skype takes the user experience very seriously

Who uses credit rather than a subscription?

Does Skype even LET you withdraw your OWN credit?

1
2
Silver badge

Re: Skype takes the user experience very seriously

"Who uses credit rather than a subscription?"

I do - mainly use it for calling my mother from our holiday home in Switzerland - so £10 lasts for ages. Most other calls are skype-skype.

If I don't use $9/month why would I have a subscription ?

2
0

Re: Skype takes the user experience very seriously

I logged into a computer in an Indian internet cafe a few years back. Skype was installed, and was logged onto some Finnish guy's account. He had plenty of money on it too. I'm too nice though, so I logged him off. I was briefly tempted to tell his mother that I was sexually attracted to her but I chickened out.

Bet that guy would fall for that scam.

0
0
JDX
Gold badge

@Chemist

Fair enough but what about withdrawing credit? If you can't do this it's hard to claim someone stole your credit.

0
0
Silver badge

Re: @Chemist

"it's hard to claim someone stole your credit."

Maybe they just used it - we'd need the original poster to comment and see if he checked his call history and how much went.

0
0
Thumb Down

Re: Skype takes the user experience very seriously

Same thing happened to me. £10 cleaned out in a couple of hours, with calls to Yemen, Belarus and somewhere in Africa. Yes, I had a strong password. No, I didn't leave myself logged in a public place. Skype kindly spotted that my account was subject to fraudulent activity and suspended it when there was 13p of credit left, necessitating various hoop jumping to get it reactivated. No refund though, needless to say. I then got an irritating set of alerts informing me that my credit was low.

0
0
Bronze badge

g+ is vulnerable, too

In Shanghai, in Sept, my gplus session suddenly in two different nigts had strange urls suddenly appear during conversation with a friend in Korea. Really unnerving. I am not given to murder, but with power and no adverse personal consequences to myself, i would globally malevolently expunge every person who ransomed, stole, or destroyed data or work of any civilian and those who authorized, schemed, enabled, obscured, and funded it. I probably would leave alone the state-state and mil-mil levels of the dirty and dangerous game. But, anyone fucking with ordinary civilians or business people would be fair game, gov payroll or not.

(Maybe i should not have said this....)

0
0

This post has been deleted by its author

JDX
Gold badge

Re: g+ is vulnerable, too

Presumably anyone who pirates from a torrent site escapes vengeance though? That's a good kind of crime?

0
0
FAIL

Yes...

I'm currently trying to remove Dorkbot from a PC at work where the guy opened the zip sent by Skype and double clicked the exe. McAfee did it's usual thing and completely ignored the threat. Oh the joys of a corporate AV policy.... wet string would do a better job than McAfee.

Anyway I'm thinking it's format time soon for this PC.

And yes Skype is allowed as a business communication tool in our Org.....

2
0

This post has been deleted by its author

Paris Hilton

"lol is this your new profile pic?"

There was a time when robbing people was done using proper English such as "Give me you're fucking wallet or I'll superglue you to the inside of a lift!" and none of this "lol" business!

0
0

Re: "lol is this your new profile pic?"

'.......YOUR wallet.......'

7
0
FAIL

Re: "lol is this your new profile pic?"

lol

1
0
Facepalm

Re: "lol is this your new profile pic?"

I did that on purpose - its traditional round here to always screw up when making a point about someone else's poor language skills.

1
0
xyz
Facepalm

pratts who fall for this extend well beyond the computo-verse

Was at the boarding gate waiting for a flight to X the other day. Woman then starts asking passengers if they are on the flight to X, then asks for their names, addresses and phone numbers. Most give the info, so this woman ends up with 100s of addresses whose occupants are at least 3 hours away from their homes; never mind the dodgy sales calls they'll get. Forget couch potatoes, more like life potatoes. Most I hazard had iPhones (sorry couldn't resist)

0
0
FAIL

The one thing that makes scams like this work is...

@ Amazing Stace:

> Still your picture might be in the archive so you open it and it contains an executable... so you run the executable and... sorry WHO is falling for this?

The same people who have been falling for it ever since some demented Microsoft person thought that hiding file extensions by default in XP was a good idea. It took the malware world about 2 nanoseconds from then to start using double extensions to disguise executables... and it is still the default, and the trick is still working, today.

5
0
Mushroom

It's exponential, innit?

Accepting that it would take an "exceptional" person to infect themselves with this vector, big contact lists and "social networking" make this a very effective idiot selector. The increase of population exposure to the vector is exponential (network effect), the impact of education is linear (reduce the %age of people that click)...... guess which curve wins?

0
0
WTF?

What?

So this is basically a non-issue if you have "only allow people in my contact list to contact me" selected, correct? Unless of course, your friends are idiots themselves who have maleware running on their boxes.

Unless you're in "business," whatever happened to, "don't answer anything unless it was expected"? Doesn't most of the world need blacklisting anyway?

0
0
This topic is closed for new posts.