The IRCbot variant is spammed via e-mail, with the attached file disguised as the newest release of Skype, version 1.4.
A Trojan passing itself off as the Skype voice-over-Internet (VoIP) client is making the rounds, security firm MessageLabs warned Monday.
The IRCbot variant is spammed via e-mail, with the attached file payload disguised as the newest release of Skype, version 1.4, said MessageLabs. Skype Technologies released the 1.4 client at the end of September.
"For further details see the attached document," read the e-mail after an opening spiel touting Skype's features.
Users who launch the attached file see a fake dialog box on their screens; the dialog displays a phony installation error. In fact, the Trojan is installing itself, shutting down access to Windows Update, and connecting to an IRC server for further instructions from its handler.
"This is the first case that we've seen that specifically mentions Skype," said Maksym Schipka, a senior anti-virus researcher at MessageLabs, in a statement. "It's another example of how malware writers are quickly exploiting new releases of popular software applications in order to spread their malicious payloads."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.