Hackers exploit Skype API to infect Windows PCs

New worm reinforces Skype's reputation as an app with security issues

Cyber criminals are again using Skype to wreak havoc, according to Sophos's Naked Security blog. The worm they're using this time, a variant of Dorkbot, lets hackers take control of infected Windows PCs remotely via HTTP by exploiting the Skype API. From there, they send unsolicited instant messages along the lines of "lol is this your new profile pic?" followed by a URL. Clicking the link downloads a ZIP file containing malicious executable files, which Sophos has detected as Troj/Agent-YCW or Troj/Agent-YDC.

"Before you know it, your computer has been recruited into a botnet ... and could fall victim to a ransomware attack," wrote Graham Cluley, a senior technology consultant at Sophos.

Variants of the Dorkbot attack have been spotted over the past year or so, spreading via Facebook and Twitter, as well as USB sticks and IM protocols. The danger, Cluley cautioned, is that "Skype users may be less in the habit of being suspicious about links sent to them than, say, Facebook users."

Skype told InfoWorld via email that it is aware of the malicious activity and is working to mitigate its impact. "We strongly recommend upgrading to the newest Skype version and applying updated security features on your computer," per the statement. "Additionally, following links -- even when from your contacts -- that look strange or are unexpected is not advisable."

It's not as though Skype users have been immune to security threats in the past, which could explain why Skype, along with Dropbox, is among the most commonly blacklisted apps in the enterprise, according to Zenprise's Q2 2012 Mobile Device Management Cloud Report. The report found that organizations have become increasingly wary of applications that reduce productivity, drain bandwidth, and have known security risks.

Skype has been dogged by security concerns for some time. For example, last year, a security consultant discovered a cross-site scripting flaw that could be used to change a user's password. Also in 2011, researchers discovered several serious security and privacy flaws in Skype that even a "high school-age hacker" could use to track not only users' locations over time but also their P2P file-sharing activity, Network World reported.

Then in July, Skype had to contend with a glitch where IMs were shared with unintended parties. Notably, Mac users haven't been immune to Skype security vulnerabilities either.

This story, "Hackers exploit Skype API to infect Windows PCs," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies