Rogue anti-malware lures squirming though Skype

Rogue anti-malware lures squirming though Skype

Summary: Malicious hackers are using Skype to try to trick Windows users into buying a rogue anti-malware application. The lures arrive via Skype's instant messaging feature with a warning that malware has been detected on the machine and urging users to buy and run a fake "repair utility.

SHARE:

Malicious hackers are using Skype to try to trick Windows users into buying a rogue anti-malware application.

The lures arrive via Skype's instant messaging feature with a warning that malware has been detected on the machine and urging users to run a "repair utility." It provides a link to AlertMonitor.org, a domain registered to a Russian address.

Rogue anti-malware lures squirming though Skype

At AlertMonitor.org, the site runs a script that visually pretends to run a scan of the computer and, after a few seconds, displays a "Harmful and malicious software detected" warning.

Rogue anti-malware lures squirming though Skype

If a user is tricked into clicking anywhere on the warning, the site redirects to a different domain (scanandrepair.net) hawking a rogue anti-virus/anti-spyware application. It even pops up a page with a $19.95 receipt for what is described as a "Windows software patch." (Click image for larger version).

Rogue anti-malware lures squirming though Skype

Rogue security applications use false positives as traps to get users to purchase and install software that turn out to be actual malware. In most cases, the rogue app will download additional Trojans, rootkits and keyloggers to steal sensitive information from the machine. Here's a list of known rogue security programs.

A surefire sign that this is a malicious attack on Skype: It's trying to get me to apply a Windows patch on my Macbook.

Topics: Security, Collaboration, Operating Systems, Software, Windows, Social Enterprise

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • This has been around a while...

    From mid-september, at least by the looks of it.

    http://blog.spywareguide.com/2007/09/skype_spammers_promoting_rogue_1.html

    Seems to be quite a lot of people that have complained about it on the skype forums for months, but nobody seems to have done much about it.
    PhatOne
  • By Mac zealot definitions, this isn't malware

    The user has to click on a link in Skype, download a program, install it manually, and give it administrator permissions before it will finally, after the poor user is exhausted from all the clicking, do anything bad to your machine.

    This, along with 99,999 other pieces of malware that Apple counts against Windows, is not malware at all if we use the recent [url=http://blogs.zdnet.com/security/?p=629] Mac zealot definition of what counts as malware. [/url]

    Ryan, please print an appropriate disclaimer that this is [b]NOT[/b] malware or I will accuse you of being an MS hater. :)
    NonZealot
  • I love this part:

    "A surefire sign that this is a malicious attack on Skype: It?s trying to get me to apply a Windows patch on my Macbook."

    Please tell me you did not ruin your keyboard with that spit-take you had to have done when you read that part!?
    Confused by religion
  • RE: Rogue anti-malware lures squirming though Skype

    Don't the hackers know that Anti-spyware is dead? They should update their rogue code to be Anti-malware.
    </end sarcasm>
    clead
  • Somebody please make it stop!

    Noooooooooooooooooooooooo..............
    D T Schmitz