VietNamNet Bridge - A type of virus that has spread odd links on Microsoft’s Skype, a messaging app, can only be identified by some anti-virus software.

A type of virus that has spread odd links on Microsoft’s Skype, a messaging app, can only be identified by some anti-virus software.

On April 25, Skype users in Vietnam repeatedly received messages with strange links. 

The links were found containing viruses after they were verified with VirusTotal, an analysis tool. If Skype users access the links, a file containing malicious software with ‘.src’ format will be downloaded to their devices.  

According to Nguyen Minh Duc from FPT, a file with ‘.scr’ is avbinary file (a computer file may contain types of data, encoded under the binary mode to be stored and used for processing) that operates on the Windows operating system. 

Some anti-virus software products such as Avast, Kaspersky and McAfee can recognize the virus.

When activated, the file will be uncompressed into an ‘.exe’ file. Meanwhile, other ‘.exe’ files will also be downloaded. The virus, after penetrating the computer, will damage data or steal users’ information.

Also according to Duc, by the time the virus is discovered, it has only infected the desktop environment of the Windows operating system. 

Meanwhile, the mobile devices running on iOS, Android, Windows Phone and Skype running on web bases are unaffected. 

Some anti-virus software products such as Avast, Kaspersky and McAfee can recognize the virus.

A representative from Microsoft, the group which developed the Skype messaging app, whom reporters contacted, said he had no information about Skyplex virus.

In early February, Palo Alto Networks, a technology firm, discovered a new type of Trojan, T9000 which attacked Skype users. T9000 was described as an advanced modular back door using complex anti-analysis techniques.

According to Tech Times, T9000, which especially targets Skype users, allows the attacker to capture encrypted data, and take screenshots of specific applications. Once it infects a computer, it will automatically attack the messaging and text/voice service such as Skype, and record the calls and messages that users made.

In order to avoid the malware, users are recommended not to accept requests made by ‘explorer.exe’ when using Skype.

Security experts said that T9000 has been used to attack institutions in the US. 

More seriously, the author of the Trojan utilizes measures to avoid popular anti-virus software, including INCAInternet, Qihoo 360, Rising, Kaspersky, Avira, Tencent, JiangMin, AhnLab, Micropoint, DoctorWeb, Baidu, AVG, McAfee, Panda, Norton, Comodo, TrustPort and BitDefender.

In recent years, as the world witnesses an increase in the number of mobile devices and OTT (over the top) messaging services such as Skype, Messengers, Viber and WhatApps, hackers have been carrying out attacks by exploiting the services. 

At 13 years old, Skype is the oldest app and service, with 300 million regular users.

Buu Dien