Worm spreading on Skype IM installs ransomware onto PC
A malicious worm spreading through Skype instant messages threatens to take control of a victim’s machine and hold its contents for ransom.
The issue, which was first brought to light Friday by GFI, tricks users into downloading a ZIP file by displaying the socially-engineered message, “lol is this your new profile pic?” along with a link that also spreads the message to other Skype users. The ZIP filed contains an executable file that installs a variant of the Dorkbot worm and creating a backdoor via “Blackhole,” an exploit kit used by criminals to infect computers through security holes.
The backdoor allows a remote attacker to take control of the machine and install the ransomware, a malicious application that locks the user out of the computer via password or encryption and demands a payment, or ransom, in exchange for its contents. This particular strain demands a payment of $200 within 48 hours or risk having their files deleted.
PC users are also presented with a screen (see below) that claims the computer has been used to visit sites of a nefarious nature, including the downloading of MP3s, illegal pornography, gambling, and illegal drugs, and threatens to send that information to the “special Department of US government” via a program called “System Cleaner,” which it claims was developed by the U.S. government “to prevent crime and illegal activity on the Internet.”
Read more here… http://news.cnet.com/8301-1009_3-57528353-83/worm-spreading-on-skype-im-installs-ransomware/