Localized Dorkbot malware variant spreading across Skype
Summary: Security researchers from Avast have intercepted a currently spreading Dorkbot malware campaign that's affecting millions of Skype users.

The malware spreads by messaging all of your contacts with a bogus "new profile picture" message. It targets all the major Web browsers, and is also capable of distributing related malware such as Ransomware/LockScreen, as well as stealing account data for major social networking services such as Facebook and Twitter, and for related services such as GoDaddy, PayPal and Netflix.
What's particularly worth emphasizing about this malware variant is that the messages used by the cybercriminals behind it have been localized to 31 different languages, with the attackers relying on the GetLocaleInfo API function so that each message matches the locale of the infected host.
Thanks to the rise of "cultural diversity on demand" services, literally each and every cybercriminal can embed professionally translated messages within their campaigns, increasing the probability that a potential victim will click on these messages and, most importantly, trust them and their sender.
Users are advised to ensure that they're running the latest versions of their third-party software and browser plugins, to check that the URL they're about to click on hasn't already been flagged as malicious, and to take advantage of application sandboxing techniques to avoid direct exploitation of their host.
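A defender-side check for the delivery method quoted in the Talkback below (a .zip containing "skype_02102012_image.exe"), as an added example that is not part of the original article: it lists executable entries in an archive and marks those named like pictures. The extension and keyword lists and the function names are assumptions, and the sample archive is constructed with placeholder bytes.

```python
import io
import zipfile

# Extensions Windows will execute directly when double-clicked (assumed list).
EXECUTABLE_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Words and extensions that make a file name look like a picture (assumed list).
IMAGE_HINTS = ("image", "img", "photo", "picture", "pic", ".jpg", ".jpeg", ".png", ".gif")


def suspicious_members(zip_bytes):
    """Return (name, reason) for each executable entry in a zip archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # Base name only; Windows ignores trailing dots and spaces.
            name = info.filename.rsplit("/", 1)[-1].lower().rstrip(". ")
            dot = name.rfind(".")
            ext = name[dot:] if dot != -1 else ""
            if ext not in EXECUTABLE_EXT:
                continue
            stem = name[:dot]
            if any(hint in stem for hint in IMAGE_HINTS):
                reason = "executable named like an image"
            else:
                reason = "executable inside archive"
            findings.append((info.filename, reason))
    return findings


def build_sample_zip(names):
    """Constructed test input: a zip whose members hold harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name in names:
            archive.writestr(name, b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_zip(["skype_02102012_image.exe", "holiday.jpg", "docs/setup.exe"])
    for member, reason in suspicious_members(sample):
        print(f"{member}: {reason}")
```

The same function can be pointed at attachments or downloads at a mail or web gateway before a user ever opens the archive.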
Find out more about Dancho Danchev at his LinkedIn profile.
Talkback
Dorkbot?
Not a typo...
VERY NICE....
Next week they are set to release onto the world a virus of their own called Windows 8.
Please Microsoft, let this be the last turd that ever falls from Redmond's arse!
that's true
Spoken like a true troll
That API is Windoze specific
Localized Dorkbot malware variant spreading across Skype thanks to
I'll bet Loverock Davidson pulled a few strings to get this done .....you're the man ......thanks Lovie
Microsoft Windows: An unacceptable level of risk
Oh no . . .
What security flaw?
"Clicking the link opens a .zip file that contains “skype_02102012_image.exe.” Unzipping the file opens a backdoor and installs the Dorkbot worm."
You have to open a .zip file, extract an executable, run it, dismiss the warning that this came from an untrusted source, and then give it admin privileges.
In other words, this would work just as well in Linux and OS X unless you are now going to claim that these OSs do not have the ability to run applications when the user begs and pleads the OS to run that application?
And more from same source
A trojan that has infected 100s of computers in the world?
Wow. How many 0s would you need between the 0. and the 1% to describe the percentage of users that have requested to be infected with this trojan? Don't forget MacDefender infected hundreds of thousands of OS X machines through yet another OS X security vulnerability.
Localized Dorkbot malware variant spreading across Skype
As for the malware the signatures in the antivirus have already been updated and this requires a user to click a link. I consider this threat contained and pretty much eliminated by this point.
Hilarious! ZDNet posters don't know the difference between an application..
No, we know the difference, we know that (as usual) this malware threat only affects windows.
"As for the malware the signatures in the antivirus have already been updated and this requires a user to click a link"
Wow, windows security really has improved over the years hasn't it? Now to get infected with malware the user has to go through the arduous task of clicking on a link, no wonder windows users have to use third party software to try and keep their PCs safe.
And the answer is
Read the above posts before mine and you will see that no they don't know the difference.
"Wow, windows security really has improved over the years hasn't it? Now to get infected with malware the user has to go through the arduous task of clicking on a link, no wonder windows users have to use third party software to try and keep their PCs safe."
You are right, it has improved tremendously since the early days of Microsoft Windows 9x. A user has to go out of their way now to get infected. Users have to rely on 3rd parties because when Microsoft said it was going to build in some security features into the kernel the 3rd party antivirus companies threw a fit. So blame them, not Microsoft or its users.
Crap ZDNet forums
Now there's a useful conversation
When finishing an article, the browser back function always brings you back to list of the first displayed articles, forcing you to scroll to the bottom, hit the View more articles (sometimes a number of times) to return to where you were in the list.
There's no editing.
There's no formatting.
I believe bloggers are still paid on number of posts, which explains the flame bait titles and articles.
You can't vote down articles. I know this can turn into voting wars, but it does tend to cause irrelevant and troll posts to disappear.
Perhaps the critical bloggers could redirect their attention to their own platform?
A user has to go out of their way now to get infected
"Microsoft said it was going to build in some security features into the kernel the 3rd party antivirus companies threw a fit. So blame them, not Microsoft or its users."
You heard it from Loverock himself, microsoft places the needs of antivirus companies before the needs of its users.
But we Linux users have always known that microsoft doesn't care about its users' security, all microsoft cares about is making more $$$.
Hah!
You rag on Microsoft Windows security
Plus how can windows even have all those "apparent" security features you mentioned when microsoft doesn't even build security into their own OS? You said it yourself remember "antivirus companies would have went to the DOJ if Microsoft built in their own security"
So to sum things up, all windows users have to do to get infected with this malware is click a link, microsoft cares more about antivirus companies than they do about their own users, and microsoft doesn't even build security into their own OS.
You're doing a great job showing the benefits of using Linux over windows Loverock, keep up the good work my friend.
Loverock Davidson even you after all these years have to be wondering WHY
Lovie you didn't prove anything by saying "trustworthy computing, etc." is better or beats anything Linux has done....................ALL YOU POINTED OUT is that WITH all these efforts that Microsoft has tried, THEY have failed to make Windows secure for their customer base for any length of time.
Lovie even you must understand the fact that Microsoft is a total failure at keeping their customer base secure at some point in time. Go look at hundreds of security updates and then come back and tell me WHY it's so easy to hack into Windows...........the simple fact is any windows operating system has always been easy to hack..........and Lovie not even you with all your BS can dispute that fact .................as they say END OF STORY