back to article Skype worm chats up victims - then holds PCs to ransom

A worm that locks Windows PC users out of their computers unless they pay a $200 ransom is rapidly spreading via Skype. Once it has secreted itself into a machine, the malware tricks further victims into installing it by using the Microsoft-owned VoIP software to send messages that read "lol is this your new profile pic?" The …

COMMENTS

This topic is closed for new posts.
  1. Amazing Stace
    Holmes

    How devious

    So you see an obfuscated URL which is supposedly a picture of you and when you follow it, it leads to an archive, which you have to download... Still your picture might be in the archive so you open it and it contains an executable... so you run the executable and... sorry WHO is falling for this?

    1. Lee Dowling Silver badge

      Re: How devious

      There's something to be said for letting natural selection take its course and get these people forcibly off the net when these viruses delete their files and/or their ISP's kick them off.

      Just how many warning signs do you need? Of course, to them, their antivirus "didn't do it's job", like saying the burglar alarm didn't do its job when you left the doors open, only alarmed the shed, invited the burglar in then went upstairs to sleep, and would have ignored the bell going off anyway.

      1. Bronek Kozicki
        Unhappy

        Re: How devious

        Trouble with these people is that they rarely get kicked off by the ISP, especially if it's a large one.

        Thus the zombie army is allowed to grow, resulting in an increase of spam volume in my mailbox :(

    2. philbo
      Facepalm

      Re: How devious

      Sounds like another tax on the stupid to me.

      It's tempting to write something like this that takes over their PC and tells them to take it back to the shop because they're obviously too fucking stupid to own a computer.

    3. Anonymous Coward
      Anonymous Coward

      Re: How devious

      I guess you smug self-conceited little pricks have never done anything stupid then?

      Just because your mum didn't spend here entire childhood locked up in her bedroom on the internet learning about this stuff rather than washing and going outside, doesn't make her stupid, only uneducated.

      If she had stayed indoors on the internet then she probably wouldn't have had you, now that would be a good form of natural selection to avoid little dicks like you.

      1. Lee Dowling Silver badge

        Re: How devious

        Hi, Trolly-Anon,

        You've made the mistake of thinking that this has anything to do with computing at all. Consider:

        Guy rings you up. You don't know who he is, never heard his voice before.

        He says he has some photos of you.

        He'll send them to you if you want.

        Just open your front door and he'll leave them on the mantelpiece.

        Then you can open them in your own time.

        If you haven't smelled a rat by line #2, you're an idiot.

        My mum and dad are actually completely computer-illiterate. They are pensioners and they *can* play games like the Wii with some prompting (mum's actually a Mario-addict from the Gameboy days), but in terms of doing things if it doesn't start as soon as they press a button / put a disk in, they are absolutely baffled. They share a Facebook account that was their first ever online presence, made two years ago - up until then, they had no PC experience whatsoever (mum can type because she used a typewriter in a hospital job 40+ years ago but she still stabs the keyboard too hard), never owned a PC, never been on the net, never had an email account, never even done it through the TV or Wii or anything along those lines. Hell, it took years for them to learn to send a text.

        When they get something dodgy (online, offline, on the phone, by text message, by Facebook, by email, by something popping up, or some dodgy bloke knocking at the door), if Dad isn't already shutting the door on their face, they are on the phone to me or my brother. They don't click on emails from strangers (in fact, they get rather annoyed that people they don't know CAN send them email or even Facebook messages), they don't download things, if the window today doesn't look like it did yesterday or something pops up asking permission they phone up or they just switch the computer off.

        This isn't the result of intensive training - this is simply experience of what they've heard from others getting scammed, and application of their off-line principles to on-line actions (Who the hell are you and why are you talking to me on Skype / phoning me in the middle of the night?).

        It's not an IT skill. It's a life skill. It doesn't matter WHO'S on the other end. If you don't know them, and don't think they have genuine business with you, hang up. Even if they do have genuine business with you, they will contact you another way that you *can* verify them.

        But strangers popping up on Skype and asking you to do things for them (like click links etc.)? Come on. This is nothing to do with IT at all. It's common sense, even in pensioners with no IT skills above clicking on Facebook and replying to messages on there by text (not to Facebook, direct to the people in question!) after DECADES of bringing up two IT-literate sons.

        Hell, Dad even sent me a message once asking if an email was genuine and actually included in the question he asked were the words "I don't even have an account with that bank!". Guess what, Dad? It's probably a fraud, then. Although not the best in deduction, he checked before he did ANYTHING.

      2. Tom 7

        Re: How devious

        Nothing to do with being self-conceited. More on the lines of being able to realise that computing is not easy no matter how much you pay MS to tell you it is. Security is easy - it just stops you being stupid at the drop of a hat which is what you want to do cos somebody lied to you. Get wise then you can be conceited too.

        1. BorkedAgain

          Re: How devious

          I'm sort of with Anon here; while I'm impressed with Lee's parents' common sense there is something seductive about online connections and the ease of communication which these new technologies bring that seems to enhance trust in many naive users, often to their detriment. Taking the piss out of them isn't necessarily the most helpful approach.

          On a side note, is it actually possible to be conceited about anyone other than yourself?

          1. philbo
            Joke

            Re: How devious

            >On a side note, is it actually possible to be conceited about anyone other than yourself?

            Oh, yes - as a proud parent I'm unendingly conceited about my children's achievements ;-)

            Most of my despair with this sort of liveware virus is how depressingly easy it is to write compared to the old days - they depend on psychology rather than technical nous to propagate, and every time I get to thinking "surely nobody could be so stupid as to believe xxxx?", there's a huge bunch of people who prove me wrong.

            Happens every election time, too.

            1. I think so I am?
              Facepalm

              Re: How devious

              I was once told to imagine how intelligent the average person is; then to realise that half the population are even more imbecilic than that.

          2. Interested Party
            Facepalm

            Re: How devious

            "ease of communication which these new technologies bring that seems to enhance trust in many naive users"

            When in fact they should be doing the extact opposite. Anyone I know with more than a passing exposure to the internet before Facebook treats almost all communication on the internet with an inherant distrust.

            Also, could you put those users in touch with me? I have a great investment opportunity for them ;)

      3. Rob Moir
        FAIL

        Re: How devious

        This isn't about technology, it's about the number of break points at which someone might stop to consider "hey, would my ex-gf from 6 years ago who I forgot to delete off this, and my boss who I thought was on vacation this week anyway and who has the computer literacy of a potato, actually both be sending me an archived executable that was a picture of me along with "Lolz is this ur profile" out of the blue.

        Yes people do make mistakes. And Yes any of us who work in IT should be trying harder to make those mistakes less of a problem. But people have to start thinking a bit more about their actions too.

      4. Anonymous Coward
        Anonymous Coward

        Re: How devious

        Internet when our mothers were children? Our mothers didn't have us at 12.

    4. Everything is possible!
      Happy

      Re: How devious

      I never open the obfuscated URL.Most of the time ,the URL is a virus.Just back up your pictures well,let antivirus work all the time,update it at regular intervals.eh...

  2. Ben Rose
    FAIL

    Not surprsing

    M$ buys Skype and all of a sudden it becomes a slow, cumbersome bug filled product that constantly requires updates and gets riddled with trojans.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not surprsing

      there's a solution, in the form of archival versions of skype. Until they follow Adobe in forcing users to update to their latest, ad-spammed version, by making the old versions "incompatible". But, for now, version 4.2 rulez! ;)

      1. Chemist

        Re: Not surprsing

        4.0.0.7 here mate, works fine

    2. Anonymous Coward
      Anonymous Coward

      Re: Not surprsing

      Nope, not surprising.. They only recently managed to unbreak the headset support for iOS too (which they broke after buying it). Hell, they broke it for Android for a bit, too. It's markedly more spammy and dysfunctional these days.

    3. JDX Gold badge

      Re: Not surprsing

      So you think the old version magically stops you clicking on links? That this is a new feature?

      Idiots.

    4. Norphy

      Re: Not surprsing

      No, that was in progress long before Microsoft bought Skype. The last Mac client to be released by them before the MS takeover was an abomination.

    5. Rob Moir

      Re: Not surprsing

      Nope. Not to excuse Microsoft's responsibility now that they've been stupid enough to buy it, but Skype has always been a buggy bag of shite.

  3. Anonymous Coward
    Anonymous Coward

    I just KNEW there had to be an upside somewhere to the Linux version of Skype being at least one whole version number behind the Windows one...

    1. Lee Dowling Silver badge

      Because that version number would have stopped you accepting a download from a stranger and executing it?

      1. Anonymous Coward
        Anonymous Coward

        no, not having root would have stopped that

        1. Mage Silver badge

          Not having root?

          Anyone falling for this Social Engineering (not a flaw) has already done three stupid actions before typing the password into any "Password to install" prompt.

          Clicking on link

          Downloading

          Unpacking

      2. Anonymous Coward
        Anonymous Coward

        Where's the JOKE ALERT icon for ACs? ;-)

        I really don't think some people "got it" when I posted the original comment... it was more an oblique joke and criticism of the Linux Skype still being on v4.x, when other platforms are onto 5.x. And no, I've never opened a malicious payload on any OS, Win, Lin or otherwise.

        Phew, some folk are a bit precious around here...

  4. Alan Brown Silver badge

    Not new

    This scam(*) has been running for YEARS on ICQ, AOL, MSN and Yahoo chat (I have archived instances going back nearly a decade and on IRC going back further than that). I'm surprised it's taken this long to show up on Skype.

    "Lol is this your pic" - linking to malware.

  5. Anonymous Coward
    WTF?

    correction

    some 400 *stupid people's PCs* were infected in the first 24 hours

    1. Rob
      Go

      Re: correction - another one

      "some 400 *self obsessed* stupid people's PCs were infected in the first 24 hours"

      Let's face it they fell for it because they thought it contained a picture of themselves.

  6. Andy Johnson

    Skype takes the user experience very seriously

    They didn't take my experience seriously when somebody managed to empty my account.

    I've only every used the official Skype clients, I had a strong password and I don't follow stupid links in emails yet somehow it had to be my fault.

    I lost all my credit - I closed my account.

    I use another service now for making international calls...

    1. JDX Gold badge

      Re: Skype takes the user experience very seriously

      Who uses credit rather than a subscription?

      Does Skype even LET you withdraw your OWN credit?

      1. Chemist

        Re: Skype takes the user experience very seriously

        "Who uses credit rather than a subscription?"

        I do - mainly use it for calling my mother from our holiday home in Switzerland - so £10 lasts for ages. Most other calls are skype-skype.

        If I don't use $9/month why would I have a subscription ?

        1. pPPPP

          Re: Skype takes the user experience very seriously

          I logged into a computer in an Indian internet cafe a few years back. Skype was installed, and was logged onto some Finnish guy's account. He had plenty of money on it too. I'm too nice though, so I logged him off. I was briefly tempted to tell his mother that I was sexually attracted to her but I chickened out.

          Bet that guy would fall for that scam.

        2. JDX Gold badge

          @Chemist

          Fair enough but what about withdrawing credit? If you can't do this it's hard to claim someone stole your credit.

          1. Chemist

            Re: @Chemist

            "it's hard to claim someone stole your credit."

            Maybe they just used it - we'd need the original poster to comment and see if he checked his call history and how much went.

    2. Dave Robinson
      Thumb Down

      Re: Skype takes the user experience very seriously

      Same thing happened to me. £10 cleaned out in a couple of hours, with calls to Yemen, Belarus and somewhere in Africa. Yes, I had a strong password. No, I didn't leave myself logged in a public place. Skype kindly spotted that my account was subject to fraudulent activity and suspended it when there was 13p of credit left, necessitating various hoop jumping to get it reactivated. No refund though, needless to say. I then got an irritating set of alerts informing me that my credit was low.

  7. dssf

    g+ is vulnerable, too

    In Shanghai, in Sept, my gplus session suddenly in two different nigts had strange urls suddenly appear during conversation with a friend in Korea. Really unnerving. I am not given to murder, but with power and no adverse personal consequences to myself, i would globally malevolently expunge every person who ransomed, stole, or destroyed data or work of any civilian and those who authorized, schemed, enabled, obscured, and funded it. I probably would leave alone the state-state and mil-mil levels of the dirty and dangerous game. But, anyone fucking with ordinary civilians or business people would be fair game, gov payroll or not.

    (Maybe i should not have said this....)

    1. This post has been deleted by its author

    2. JDX Gold badge

      Re: g+ is vulnerable, too

      Presumably anyone who pirates from a torrent site escapes vengeance though? That's a good kind of crime?

  8. Anonymous Coward
    FAIL

    Yes...

    I'm currently trying to remove Dorkbot from a PC at work where the guy opened the zip sent by Skype and double clicked the exe. McAfee did it's usual thing and completely ignored the threat. Oh the joys of a corporate AV policy.... wet string would do a better job than McAfee.

    Anyway I'm thinking it's format time soon for this PC.

    And yes Skype is allowed as a business communication tool in our Org.....

  9. This post has been deleted by its author

  10. LinkOfHyrule
    Paris Hilton

    "lol is this your new profile pic?"

    There was a time when robbing people was done using proper English such as "Give me you're fucking wallet or I'll superglue you to the inside of a lift!" and none of this "lol" business!

    1. TheProf

      Re: "lol is this your new profile pic?"

      '.......YOUR wallet.......'

      1. TommWylde
        FAIL

        Re: "lol is this your new profile pic?"

        lol

      2. LinkOfHyrule
        Facepalm

        Re: "lol is this your new profile pic?"

        I did that on purpose - its traditional round here to always screw up when making a point about someone else's poor language skills.

  11. xyz Silver badge
    Facepalm

    pratts who fall for this extend well beyond the computo-verse

    Was at the boarding gate waiting for a flight to X the other day. Woman then starts asking passengers if they are on the flight to X, then asks for their names, addresses and phone numbers. Most give the info, so this woman ends up with 100s of addresses whose occupants are at least 3 hours away from their homes; never mind the dodgy sales calls they'll get. Forget couch potatoes, more like life potatoes. Most I hazard had iPhones (sorry couldn't resist)

  12. James Marten
    FAIL

    The one thing that makes scams like this work is...

    @ Amazing Stace:

    > Still your picture might be in the archive so you open it and it contains an executable... so you run the executable and... sorry WHO is falling for this?

    The same people who have been falling for it ever since some demented Microsoft person thought that hiding file extensions by default in XP was a good idea. It took the malware world about 2 nanoseconds from then to start using double extensions to disguise executables... and it is still the default, and the trick is still working, today.

    1. actually
      Mushroom

      It's exponential, innit?

      Accepting that it would take an "exceptional" person to infect themselves with this vector, big contact lists and "social networking" make this a very effective idiot selector. The increase of population exposure to the vector is exponential (network effect), the impact of education is linear (reduce the %age of people that click)...... guess which curve wins?

  13. zeromastermind
    WTF?

    What?

    So this is basically a non-issue if you have "only allow people in my contact list to contact me" selected, correct? Unless of course, your friends are idiots themselves who have maleware running on their boxes.

    Unless you're in "business," whatever happened to, "don't answer anything unless it was expected"? Doesn't most of the world need blacklisting anyway?

This topic is closed for new posts.

Other stories you might like