Skype virus is a group of malicious programs and phishing scams that have been targeting users of this widely-spread application. One of the first cyber threats was Skype worm w32/Ramex.A which was detected in 2007. However, it seems that the term “Skype virus 2018” will continue appearing in users' searches. The latest its versions are reported as Baidu virus and goo.gl virus.| NAME | Skype virus |
|---|---|
| Type | Malware, adware, scam |
| Main problem caused by malware | Sends various messages and goo.gl links to all contacts automatically, without user's knowledge |
| Other issues reported by users | Interrupts its victims with annoying ads, redirects to sponsored websites, fake survey ads |
| Dangers | Redirects to infected websites, the loss of personal information, infiltration of malware, system crashes because of bitcoin mining |
| Ways to solve the problem | Remove shared.xml file, change your Skype password, run a full system scan with Reimage. |
Previously, Skype network was involved into distribution of Bitcoin-mining malware.[1] Because of that, sometimes it is referred to as the Bitcoin virus. This infection is used to exploit computers' resources to generate virtual currency. As a result, the affected machine becomes slow and practically unusable. However, bitcoin mining is not the primary goal of the malware.
The most popular versions of Skype malware have been designed to steal users' personal information, sensitive computer data or to distribute malicious content by sending messages telling “Hey, check this video” or “this is a very nice photo of you” that are followed by a malicious link.
For instance, the Koobface virus, which has been spreading messages featuring links to “shocking” or “hilarious” videos with the user's name (or username) attached.[2] Links that are usually added to such messages are used to download and install the Koobface worm on the computer.
Up until now, hackers have presented several methods used to hack users' accounts[3]. Besides, hackers have also started connecting the affected computers to botnets[4] which are used to spread a massive amount of spam or initiate other malicious activities. For this reason, sometimes it is difficult to attribute any specific characteristics to Skype spam virus.
If you have problems with logging in to your Skype account or receive reports from your contacts that they received some shady link from you, you might suspect that your account was compromised. You should run a full system scan with Reimage or similar anti-malware software to remove Skype virus.
The virus might send a “very nice photo of you”
One of the versions of Skype virus is known for spreading spam message saying “this is a very nice photo of you” which is followed by a link. Once clicked, particular malware is dropped on the system.
This malware was very active in 2013. Back then it mostly aimed at users from Latin America. However, they received a fake message in Spanish language “esta es una foto muy amable de tu parte.”
This malware was very active in 2013. Back then it mostly aimed at users from Latin America. However, they received a fake message in Spanish language “esta es una foto muy amable de tu parte.”
However, several users from other countries reported about getting the same message in their native language. Therefore, language barrier does not prevent the virus from spreading around the globe.
Hacked Skype accounts spread links to Baidu, LinkedIn, and other fake sites
In 2016, numerous Skype accounts were hacked and spread links to Baidu.com, LinkedIn.com, and other popular websites. One of the most active Skype virus spam campaigns uses infected user’s account to distribute a malicious Baidu.com link which redirects to the shady Forbes rip-off site Coolinfovip(dot)com [5].
You should be aware of links directing to shady Baidu link. At the end of the link, the name of a Skype contact recipient is appended. If you click on this link, your device might be infected with a severe virus, and all your contacts will receive the link automatically.
According to the latest news, Baidu virus uses multiple fake domains to display the fake Forbes website. Apart from the previously mentioned Coolinfovip, the virus can also redirect to 2016forbesnews-f.net.
This link is automatically sent to all users on the infected account owner's contact lists. The cycle is likely to repeat itself when the link is clicked on some other computer. That's why you should never leave this virus on your machine and remove Skype virus as soon as possible.
Additionally, Skype malware was noticed spreading malicious Google links which are typically shortened. Therefore, you should not click aun unknown link that starts with http://goo.gl/. Simarly, users reported about fake bit.ly links spam.
Skype malware spread as a fake Adobe Flash Player update
In April ,Skype users were hit by malvertising campaign that urged to download fake Adobe Flash Player update. People received this alert every time they logged into their accounts. Thus, there’s no surprise that many users were ticked.
As soon as they logged into their accounts, they received a “File Download – Security Warning” window asking to enable FlashPlayer.hta file. The source code of a html application file contained parts of a disguised JavaScript code. It was programmed to run PowerShell and download a further payload.
Virus researchers have been able to identify the three web pages that were spreading fake Flash Player update:
- oyomakaomojiya(.)org,
- admdownload.adobe.com,
- cievubeataporn(.)ne.
Additionally, the three email addresses have been associated with dozens of malicious new registered websites:
- jonathandpreston@wants.dicksinhisan.us
- edwardslawler@dicksinmyan.us,
- justincabel@airmail.cc.
Interestingly, that the former two domains have been already spotted for malicious activity by virus researchers. It suggests that this malvertising campaign is not the wrongdoings of an ordinary wannabe hacker. In fact, used .hta file, hidden JavaScript code, and the very fact that Flash player is employed sparks speculations that Cerber ransomware hackers might be behind this latest malvertising technique.
Tips to recognize and avoid scam attacks
As you can already understand, Skype virus has many different shapes and forms. However, it’s still possible to recognize phishing attempts. All you have to do is to be attentive, careful and critical. All these features will stop you from spontaneous clicks or downloads.
- Ignore all the silly messages from your friends, like “lol is this your new profile pic?”, “This is a very nice photo of you” and similar. Most importantly, do NOT click on the links that are incorporated to such messages or arrive on their own.[6]
- Do not download funnypicture.jpg.exe, FlashPlayer.hta or other suspicious files that might be presented as Skype components or content received from your friend.
- Ask your contacts for confirmation if they have actually sent link or file to you.
- Install Skype and other updates. It helps to decrease the risk that cyber criminals will use security vulnerabilities to compromise your account.
- Set strong Skype password.
- Windows OS users should combine Skype account with Microsoft account if they haven’t done it already. According to the computer, this makes your account more secure and recovery of the account easier.[7]
- Set up two-step verification on your Microsoft account once you connect it with Skype account.
Remove Skype virus automatically and secure your account
If you can't connect to your Skype account normally, you can be infected with Skype virus. As you must have already understood, it is a seriously dangerous program/issue that can lead you to the loss of your private information. Besides, it can make your computer useless by misusing its resources.
For Skype virus removal, you need to install reliable anti-spyware from professional developers. We highly recommend Reimage or Malwarebytes. Cracked or pirated programs may not only be useless but also cause system instabilities, making your computer more vulnerable and prone to malware infections.
However, to remove Skype virus without leaving its leftovers, follow the guidelines below:
Windows OS:
- Quit Skype app;
- Click Start, type in run and press Enter;
- Type in %appdata%skype, click OK;
- Find this file and delete it: shared.xml;
- Restart Skype app.
Mac OS X:
- Quit Skype;
- When in Finder, locate the following folder: ~/Library/Application Support/Skype;
- Delete this file: shared.xml;
- Restart Skype.
Once you clean up your PC, you have to change your Skype password:
- Go to https://account.microsoft.com and log in using your Microsoft account details.
- Navigate to Security and Privacy.
- Under Account Security option click on More security settings.
- Under Sign-in preferences, you have to choose Change sign-in preferences.
- When in Change sign-in preferences uncheck Skype name and press Save.
However, if you do not see the Skype name in Change sign-in preferences, you have to follow these steps:
- Go to www.skype.com and log in with your Skype username.
- Click on Settings and preferences / Change password.
- Set a new password.
Hi. I’m Designer of Blog Magic. I’m CEO/Founder of ThemeXpose. I’m Creative Art Director, Web Designer, UI/UX Designer, Interaction Designer, Industrial Designer, Web Developer, Business Enthusiast, StartUp Enthusiast, Speaker, Writer and Photographer. Inspired to make things looks better.
>>>>> Download Now
ReplyDelete>>>>> Download Full
>>>>> Download LINK
>>>>> Download Now
>>>>> Download Full
>>>>> Download LINK M3