Localized Dorkbot malware variant spreading across Skype

Security researchers from Avast have intercepted a currently spreading Dorkbot malware campaign that is affecting millions of Skype users.

The malware spreads by messaging all of your contacts with a bogus "new profile picture" message. It targets all the major Web browsers and is also capable of distributing related malware such as Ransomware/LockScreen, as well as stealing account data for major social networking services such as Facebook and Twitter, and for related services such as GoDaddy, PayPal and Netflix.

What's particularly worth emphasizing about this malware variant is that the messages used by the cybercriminals behind it have been localized to 31 different languages, with the attackers relying on the GetLocaleInfo API function to ensure that they've properly identified the locale of the host.

Thanks to the rise of "cultural diversity on demand" services, any cybercriminal can embed professionally translated messages within their campaigns, potentially increasing the probability that a victim will click on these messages and, most importantly, trust them and their sender.

Users are advised to ensure that they're running the latest versions of their third-party software and browser plugins, to check that the URL they're about to click on hasn't already been flagged as malicious, and to take advantage of application sandboxing techniques to avoid direct exploitation of their host.

Find out more about Dancho Danchev at his LinkedIn profile.

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community...
