Security vendor Trend Micro said it uncovered at least 6,800 DORKBOT attacks. As reported by Rik Ferguson, Director of Security Research and Communication at Trend Micro, cybercriminals use Skype messages to distribute various threats including ransomware and infostealers.
These attacks send the instant message, “lol is this your new profile pic?” to Skype users:
When users click on the link, they are directed to a file hosted at a legitimate file locker service.
The file downloaded is a variant of the DORKBOT malware family, which is detected as WORM_DORKBOT.DN. These attacks are known to launch distributed denial-of-services (DDoS) attacks against targeted systems and steal passwords from various websites. It also has the capability to download other malware depending on the link provided by the C&C server. Trend Micro advised that users apply updated security solutions on their computer.
About Trend Micro
Trend Micro Incorporated (TYO: 4704;TSE: 4704), a global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years’ experience, we deliver top-ranked client, server and cloud-based security that fits our customers’ and partners’ needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud computing security infrastructure, our products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.