By Dancho Danchev
Skype users, beware!
Cybercriminals are currently spamvertising millions of emails impersonating Skype, in an attempt to trick Skype users that their password has been successfully changed, and that in order to view their call history and change their account settings, they would need to execute the malicious attachment found in the emails.
Screenshot of the spamvertised email:
Detection rate for the malicious attachment: MD5: 0e78d3704332c59b619f872fd6d33d25 – detected by 32 out of 43 antivirus scanners as Trojan-Downloader.Win32.Andromeda.qw. Upon execution, the malware opens a backdoor allowing the cybercriminals behind the campaign complete access to the affected user’s host.
We’ve already seen the same MD5 used in the recently profiled “‘Your UPS Invoice is Ready’ themed emails serve malware” campaign. Clearly, they’re both launched by the same cybercriminal/gang of cybercriminals.
Webroot SecureAnywhere users are proactively protected from this threat.